G.1 Background

33.1283GPPProtocol and procedures for Lawful Interception (LI)Release 18SecurityStage 3TS

Tools: ARFCN - Frequency Conversion for 5G NR/LTE/UMTS/GSM

According to TS 33.126 [3] clause 6.4, the CSP is expected to only deliver Interception Product relating to specific CSP services which are specified implicitly or explicitly in the warrant. In other words, the CSP is expected to perform the interception only for the services indicated in the warrant.

NOTE: The term "interception" used in this annex refers to the step that involves actual capturing and then delivery of the Intercept Product to the LEMF.

This annex considers the following possibilities in the analysis:

– The intended target may have subscribed to only a specific service and in this case, by default, the interception would apply only to such service when specified in the warrant. The CSP network would provide the interception as and when the service is accessed by the target.

– The intended target may have subscribed to multiple services and in this case, the interception would have to be done based on the service type(s) specified in the warrant as and when CSP network detects that such services are accessed by the target.

– A NF may be involved in providing only a particular service and in this case, by default, the interception performed by the POI present in that NF would apply to such service when specified in the warrant.

– A NF may be involved in providing multiple services and in this case, the interception performed by the POI present in that NF would have to be based on the service type applicable to the warrant.

– There may be multiple warrants with differing service types active on a target, in this case, all applicable services would have to be intercepted at the POIs, and the MDFs would have to then deliver Interception Product based on the service type (s) applicable to the warrant.

In supporting the above scenarios, as per clause 4.4 (of the present document), the LIPF will have to provision the POIs, TFs and the MDF2/MDF3 according to the CSP service type(s) applicable to a warrant.

To cover all the scenarios mentioned above, the service type may have to be part of LI provisioning data sent to the MDFs. Whether a service type will have to be provisioned to the POIs and TFs as an indication will depend on the services provided by the NFs that have such POIs and TFs.

In addition to the CSP service type, a few other factors present in the warrant may influence the LIPF logic in provisioning the POIs, TFs and MDF2/MDF3. Few examples are:

– Delivery type.

– LALS triggering.

– CSP deployment options.

– The target type (local Vs non-local ID).

For the target non-local ID, Voice and Messaging type of services are supported in the present document. In this case, the other party communicating with the target non-local ID happens to access the service provided by the CSP.

This annex illustrates the LIPF logic through a series of flow-charts in provisioning the POIs and the TFs. The provisioning aspect of MDF2/MDF3 are not shown.