G.4.3 5GC
33.1283GPPProtocol and procedures for Lawful Interception (LI)Release 18SecurityStage 3TS
G.4.3.1 The flow-chart
Figure G.4-2 shows the LIPF logic in provisioning the LI functions for the 5GC for the service type of Data.
Figure G.4-2: LIPF logic for the service type Data in 5GC
For the delivery type of IRI + CC, the IRI-POIs and the CC-TFs are provisioned. For the delivery type of IRI, the IRI-POIs and the IRI-TFs are provisioned. For the delivery type of CC, the CC-TFs are provisioned.
G.4.3.2 Interception
G.4.3.2.1 PDHR
There are two deployment options for the packet data header reporting. It is expected that the CSP implements one of the two deployment options.
In PDHR option 1, the IRI-POI in the UPF (based on a trigger from IRI-TF present in the SMF) generates the xIRI. Accordingly, the IRI-TFs in SMFs are provisioned.
In PDHR option 2, the CC-POI present in the UPF (based on a trigger from CC-TF present in the SMF) delivers the UP packets as xCC to the MDF3, which in turn, forwards the same to the MDF2 and MDF2 would then generate the IRI messages from the received xCC. Accordingly, the CC-TFs in SMFs, and the PDHR handling function in MDF3 are provisioned.
G.4.3.2.2 LALS triggering
There are two deployment options for LALS triggering. It is expected that the CSP implements one of the two deployment options.
In LALS triggering option 1, the LTF present in the host NF that has the associated IRI-POI triggers the LI-LCS Client. Accordingly, the LTFs in AMFs and SMFs are provisioned.
In LALS triggering option 2, the LTF present in the MDF2 triggers the LI-LCS Client. Accordingly, the LTF in MDF2 is provisioned.
G.4.3.2.3 UDM
The UDM is expected to provide the IRI-POI functions in the HPLMN only.
G.4.3.2.4 Summary
Table G.4-1 provides the scope of NF domain that provides the IRI-POI/CC-TF/CC-POI functions for the service type of Data in the 5GC for various scenarios.
Table G.4-1: Scope of NF domain in 5GC providing the LI functions
|
NFs with LI function |
Non-roaming |
Roaming with LBO |
Roaming with HR |
||||
|
VPLMN |
HPLMN |
VPLMN |
HPLMN |
||||
|
UDM |
IRI-POI |
n/a |
IRI-POI |
n/a |
IRI-POI |
||
|
AMF |
IRI-POI |
IRI-POI |
n/a |
IRI-POI |
n/a |
||
|
SMF |
IRI-POI |
IRI-POI |
n/a |
IRI-POI |
IRI-POI |
||
|
SMF |
CC-TF |
CC-TF |
n/a |
CC-TF |
CC-TF |
||
|
UPF |
CC-POI |
CC-POI |
n/a |
CC-POI |
CC-POI |
||
|
PDHR |
Option 1 |
SMF |
IRI-TF |
IRI-TF |
n/a |
IRI-TF |
IRI-TF |
|
UPF |
IRI-POI |
IRI-POI |
n/a |
IRI-POI |
IRI-POI |
||
|
Option 2 |
SMF |
CC-TF |
CC-TF |
n/a |
CC-TF |
CC-TF |
|
|
UPF |
CC-POI |
CC-POI |
n/a |
CC-POI |
CC-POI |
||
|
MDF3 |
PDHR |
PDHR |
n/a |
PDHR |
PDHR |
||
|
LALS triggering |
Option 1 |
AMF |
LTF |
LTF |
n/a |
LTF |
n/a |
|
SMF |
LTF |
LTF |
n/a |
LTF |
LTF |
||
|
Option 2 |
MDF2 |
LTF |
LTF |
n/a |
LTF |
LTF |
|
NOTE 1: The use of "n/a" in the above table implies that the LI function is not applicable to the NF for the indicated scenario.
NOTE 2: The LIPF is not aware of the above role played by the host NFs in providing the LI functions.
NOTE 3: MDF2, MDF3 and LI-LCS Client which are also involved in providing the LI functions are not shown in the tables above.