4 General
33.1283GPPProtocol and procedures for Lawful Interception (LI)Release 18SecurityStage 3TS
4.1 Introduction
The present document provides details of the internal and external interfaces required for a network operator, access provider and/or service provider to provide the necessary information to a Law Enforcement Agency (LEA) required to meet LI requirements. LI requirements for 3GPP networks and services are given in TS 33.126 [3].
The high-level architecture that defines the necessary interfaces is specified in TS 33.127 [5]. The generic high-level interception architecture is as follows:
Figure 4.1-1: High-level interception architecture diagram with key point-to-point LI interfaces
The generic high-level acquisition architecture is as follows:
Figure 4.1-2: High-level acquisition architecture diagram with key point-to-point LI interfaces
The specification of the interfaces is split into two parts:
– Internal interfaces used between an operator’s network functions are described in clause 4.2.
– External interfaces used in communicating with a LEA are described in clause 4.3.
4.2 Basic principles for internal interfaces
This clause lists the internal interfaces shown in clause 4.1, indicates the protocol used to realise each interface, and gives a reference to the relevant clauses of the present document that specify how the protocol is to be used for the given interface.
Table 4.2-1: Internal interfaces and related protocols
|
Interface |
Description |
Protocol used to realise interface |
Usage |
|
LI_ADMF |
Used to pass intercept provisioning information form the LICF to the LIPF. |
Out of scope of the present document. |
|
|
LI_IQF |
Used to pass information related to IEFs and ICF to IQF. |
Out of scope of the present document. |
|
|
LI_LAFC |
Used to pass information from LICF to LAF. |
Out of scope of the present document. |
|
|
LI_LAFP |
Used to pass information from LIPF to LAF. |
Out of scope of the present document. |
|
|
LI_MDF |
Used by MDF2 and MDF3 in interactions necessary to correctly generate CC and IRI from xCC and xIRI. |
Out of scope of the present document. |
|
|
LI_SI |
Used to provide system information to the LIPF from the SIRF. |
Out of scope of the present document. |
|
|
LI_ST |
Used to transfer LI state information to and from the LISSF. |
3GPP TS 29.598 [64]. |
See clauses 5.10 and 6.2.3.10 |
|
LI_T2 |
Used to pass triggering information from the IRI-TF to a Triggered IRI-POI. |
ETSI TS 103 221-1 [7]. |
See clause 5.2.4 |
|
LI_T3 |
Used to pass triggering information from a CC-TF to a Triggered CC-POI. |
ETSI TS 103 221-1 [7]. |
See clause 5.2.4 |
|
LI_X1 |
Used to configure and audit Directly-provisioned POIs, TFs and MDFs. |
ETSI TS 103 221-1 [7]. |
See clause 5.2.2 |
|
LI_X1 (Management) |
Used to audit Triggered POIs. |
ETSI TS 103 221-1 [7]. |
See clause 5.2.3 |
|
LI_X2 |
Used to pass xIRI from IRI-POIs to the MDF2. |
ETSI TS 103 221-2 [8]. |
See clause 5.3.2 |
|
LI_X2_LA |
Used to pass xIRI from LARF to the MDF2 |
ETSI TS 103 221-2 [8]. |
See clause 5.3.5 |
|
LI_X3 |
Used to pass xCC from CC-POIs to the MDF3. |
ETSI TS 103 221-2 [8]. |
See clause 5.3.3 |
|
LI_XEM1 |
Used by the LICF/LIPF to manage IEFs and ICF. |
ETSI TS 103 221-1 [7]. |
See clause 5.2.7 |
|
LI_XER |
Used to pass identifier association event records from IEFs to ICF. |
See Clause 5.9. |
See clause 5.9 |
|
LI_XLA |
Used to send the location acquisition requests from LAF to LARF and used by the LARF to send the location acquisition responses to the LAF. |
ETSI TS 103 221-1 [7]. |
See clause 5.12 |
|
LI_XQR |
Used to pass queries from IQF to ICF and responses from ICF to IQF. |
ETSI TS 103 221-1 [7]. |
See clause 5.8 |
4.3 Basic principles for external handover interfaces
This clause lists the external handover interfaces shown in clause 4.1, indicates the protocol used to realise each interface, and gives a reference to the relevant clauses of the present document that specify how the protocol is to be used for the given interface.
Table 4.3-1: External handover interfaces and related protocols
|
Interface |
Description |
Protocol used to realise interface |
Usage |
|
LI_HI1 |
Used to send warrant and other interception request information from LEA to operator. |
ETSI TS 103 120 [6] shall be supported. Other methods (e.g. manual exchange) may be used depending on national regulatory requirements. |
See clause 5.4 |
|
LI_HI2 |
Used to send IRI from the MDF2 to the LEMF. |
ETSI TS 102 232-1 [9] and ETSI TS 102 232-7 [10] shall be supported. |
See clause 5.5 |
|
LI_HI3 |
Used to send CC from the MDF3 to the LEMF. |
ETSI TS 102 232-1 [9] and ETSI TS 102 232-7 [10] shall be supported. |
See clause 5.5 |
|
LI_HI4 |
Used to send LI notification information from MDF2/3 to LEMF. |
ETSI TS 102 232-1 [9] and ETSI TS 102 232-7 [10] shall be supported. |
See clause 5.6 |
|
LI_HILA |
Used to send the location acquisition requests from LEA to CSP and used by the CSP to send the location acquisition responses to the LEA. |
ETSI TS 103 120 [6] shall be supported. |
See clause 5.11 |
|
LI_HIQR |
Used to send warrant and other identifier association query information from LEA to CSP and used by the CSP to send query responses to the LEA. |
ETSI TS 103 120 [6] shall be supported. |
See clause 5.7 |
4.4 Service scoping
4.4.1 General
The interception product shall be delivered to the LEMF over LI_HI2 and LI_HI3, observing the service scoping described in the following clauses.
4.4.2 CSP service type
The LIPF shall be able to provision the POIs, TFs and MDF2/MDF3 according to the requirements of the warrant with the following CSP service type(s):
– Voice.
– Data.
– Messaging (e.g. SMS/MMS).
– Push-to-Talk (including MCPTT).
– LALS (the Target Positioning service, per TS 33.127 [5], clause 7.3.3.2).
– RCS.
When multiple service types are applicable to a target due to multiple warrants, the MDF2/MDF3 shall be able to deliver interception product to each LEMF based on the CSP service type(s) of the respective warrant.
When no service type is provisioned, the POIs shall generate and deliver applicable interception product for all services specified for the NF where the POI is located.
When no service type is provisioned, the MDF2/MDF3 shall deliver all interception product it receives from the POIs.
4.4.3 Delivery type
– IRI.
– CC.
– IRI and CC.
The LIPF shall be able to provision the POI, TF and the MDF2/MDF3 according the delivery type(s) applicable to a warrant.
When different delivery types are applicable to a target due to multiple warrants, the MDF2/MDF3 shall be able to deliver IRI/CC to each LEMF based on the delivery type(s) of the respective warrant.
4.4.4 Location Reporting
The LIPF shall be able to provision the POIs and MDF2 according to the requirements of the warrant with the following location reporting types:
– Report location only at the beginning and end of a session.
– Do not report location.
When no location reporting type is provisioned, the POIs and MDF2/MDF3 shall report location every time the target location information is received at the POI (including location update with no physical change of location).
When different location reporting types are applicable to a target due to multiple warrants, then POI may be provisioned as if the reporting of all location information occurrences at the POI is required, with MDF2 restricting the delivery of location to the LEMF as per the provisioned information for a warrant.
4.4.5 LALS Triggering
– This option is used to activate the LALS triggered location service (TS 33.127 [5], clause 7.3.3.3) for the target.
The LIPF shall be able to provision the LTF associated with a POI or MDF2 with the LALS triggered location service parameters provided in the warrant or use a default set of parameters.
4.4.6 Roaming Interception
– Stop interception when the target is roaming outbound internationally.
NOTE 1: The definition of international roaming for LI purposes could vary per jurisdiction.
NOTE 2: The method used to achieve the roaming related service scoping is not described in the present document.