Lawful Interception
Lionel THUAL Orange Labs CORE/M2V/SID
mainly based on a previous version of Jean-Philippe JESTIN
(now FT/OF/DTF/DRIMS/IRS/ICC)
27/04/2012
Orange Labs
France Telecom group restricted
Agenda
Principles
Existing Networks and Services intercepted
Circuit Networks (PSTN, PLMN)
Data Internet
Services (Ex: IMS)
Security requirements
Architecture
Provision of IRI and CC
EPS Data Events sent on Handover Interface
Roaming configuration
LTE/EPC training/anne/auteur p2
Principles
2 Domains:
LEA : Law Enforcement Agencies (Authorities)
Operator
2 interface types
HI: Handover Interface between Operator and LEA domains
INI: INternal Interfaces in Operator Domain
ETSI TC LI committee:
ETSI TS 102.232-1: Handover specification for IP delivery
Internal Interfaces
Internal interfaces in the operator domain are not standardized and are therefore proprietary.
These interfaces are named INI-1, INI-2, INI-3 in the ETSI standard, and X1, X2, X3 in the 3GPP standard.
[Diagram labels: ADMF, DF2, DF3, X1, X2, X3, LEMF suppliers]
[Diagram labels: PSTN, CAA, PLMN, MSC, IAP, target, Mediation Platform, HI2, HI3, LEMF]
[Diagram labels: Mobile PS, SGSN, GGSN, Wi-Fi, PF Wi-Fi, Internet Broadband, BRAS, IAP, X2, X3, Mediation Platform, HI2, HI3, LEMF]
Role: a Super User dedicated to LI configuration. Other users are not allowed to access LI information.
Information protection:
[Diagram labels: Operator Domain, DF2, DF3, HI2, HI3, LEA Domain, LEMF]
Attach/Detach
Tracking Area Update
UE requested PDN connectivity
UE requested PDN disconnection
[Diagram labels: X2, DF2]
Detach
UE initiated modification
DF3
CC/X3 on SGW
Target identity: IMSI, MSISDN, MEI
Intercepted data packets
LI header will contain the following information:
Intercept-id LIID
Timestamp
Sequence Number
IP packet direction
Correlation number (charging-id + intercept node-id)
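Added example (not part of the original slides, and not any vendor's code): one way a function receiving CC could use the LIID, correlation number and sequence number from the LI header to detect lost, duplicated or reordered packets. The record layout, the field names and the assumption that sequence numbers increase by one within each correlation number are hypothetical; this is not the 3GPP X3 encoding.

```python
from collections import defaultdict
from dataclasses import dataclass

# Assumed in-memory form of the LI header fields listed above.
# Hypothetical names and types; NOT the 3GPP X3 wire encoding.
@dataclass(frozen=True)
class LIHeader:
    liid: str          # Intercept-id (LIID)
    timestamp: float   # seconds, constructed values below
    seq: int           # Sequence Number
    direction: str     # IP packet direction, e.g. "from_target"
    correlation: str   # charging-id + intercept node-id


def audit_delivery(headers):
    """Group headers by (LIID, correlation number) and report, per stream,
    missing, duplicated and out-of-order sequence numbers.
    Assumption: within a stream, seq increases by 1 per packet."""
    streams = defaultdict(list)
    for h in headers:
        streams[(h.liid, h.correlation)].append(h)

    report = {}
    for key, items in streams.items():
        seen, dup, reordered = set(), [], []
        highest = None
        for h in items:                      # items are in arrival order
            if h.seq in seen:                # same seq delivered twice
                dup.append(h.seq)
                continue
            if highest is not None and h.seq < highest:
                reordered.append(h.seq)      # arrived after a later seq
            seen.add(h.seq)
            highest = h.seq if highest is None else max(highest, h.seq)
        # Gaps between the lowest and highest seq seen were never delivered.
        missing = sorted(set(range(min(seen), max(seen) + 1)) - seen)
        report[key] = {"received": len(seen), "missing": missing,
                       "duplicates": dup, "out_of_order": reordered}
    return report


# Constructed sample: one LIID, two correlation numbers (two bearers).
def _h(seq, corr):
    return LIHeader("LIID-0001", 1000.0 + seq, seq, "from_target", corr)

SAMPLE = [_h(s, "c1001-sgw01") for s in (1, 2, 4, 3, 3, 6)] + \
         [_h(s, "c1002-sgw01") for s in (1, 2, 3)]
```

Calling audit_delivery(SAMPLE) returns one entry per (LIID, correlation number) pair, so a gap in one bearer is not masked by traffic on another.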
[Diagram labels: E-UTRAN Access, Non 3GPP Access]
Roaming Architecture
[Diagram labels: X2, X3, DF2, DF3, HI2, HI3, LEMF, Visited LEA, Home LEA]
Roaming Architecture
No CC interception is possible in the Home Network. The H-PCRF could provide IRI (under study in 3GPP).
[Diagram: Local Breakout. Labels: X2, X3, DF2, DF3, HI2, HI3, LEMF, Visited LEA]
RFP responses
CISCO
  MME: ASR5000, SGW: ASR5000, PGW: ASR5000
  Mediation Platform (3rd party or not?): X1, X2, X3 interfaces open to any 3rd party Mediation Platform: AQSACOM, UTIMACO, VERINT, SS8
  Interception criteria: IMSI, MSISDN, ME
  Security capabilities: IPsec/SSH on X1, X2 and X3
  IRI compliancy to 3GPP TS 33.108: Compliant
HUAWEI
  MME: USN9810, SGW: UGW9811, PGW: UGW9811
  Mediation Platform (3rd party or not?): LIG (Lawful Interception Gateway) Mediation Platform imposed by Huawei. But MME IOT with ETI, Verint, Utimaco, SS8
  Interception criteria: IMSI, MSISDN, ME
  Security capabilities: Role-based authority control. C. Checking
  IRI compliancy to 3GPP TS 33.108: Compliant
ERICSSON
  Mediation Platform (3rd party or not?): LI-IMS Mediation Platform imposed by Ericsson
  Interception criteria: IMSI, MSISDN, ME
  Security capabilities: IPsec/SSH on X1, X2 and X3
  IRI compliancy to 3GPP TS 33.108: Compliant
NSN
  MME: Flexi NS, SGW: Flexi NG, PGW: Flexi NG
  Mediation Platform (3rd party or not?): LIG (Lawful Interception Gateway) Mediation Platform imposed by NSN
  Interception criteria: IMSI, MSISDN, ME
  Security capabilities: Consistency Checking supported
  IRI compliancy to 3GPP TS 33.108: Compliant
Thank You