
World Class Standards. Osservatorio Sicurezza ANFOV, Milan, 14 November 2007. Lawful Interception and Retained Data: presentation for the Osservatorio Sicurezza.


1 World Class Standards. Osservatorio Sicurezza ANFOV, Milan, 14 November 2007. Lawful Interception and Retained Data: presentation for the Osservatorio Sicurezza Anfov. Author: Dionisio Zumerle, Technical Officer, ETSI. © ETSI. All rights reserved.

2 Why Lawful Interception implementation in EU
17th January 1995: EU Council of Ministers adopted resolution COM 96/C329/01 on Lawful Interception
“The providers of public telecommunications networks and services are legally required to make available to the authorities the information necessary to enable them to investigate telecommunications”

3 What is Lawful interception?
- A legally sanctioned official access to private communications
  - telephone calls
  - messages
  - …
- A security process: a communication service provider collects and provides law enforcement with intercepted communications of private individuals or organizations

4 Scenario and actors
[Diagram. Labels: target, Correspondent, Monitor, Handover interface, Interception interface, Regulators, Providers, Mediation Vendors, Collection Vendors, Interception Vendors]

5 Why standardisation of LI?
- Easier to define own LI mechanism
  - Guidance is given for network architecture
  - No need to define/invent complete own LI system
- Less expensive LI products
  - Manufacturers need to develop one basic product
  - National options are additional
- Intercepted result is meeting international requirements by Law Enforcement Agencies
  - Worldwide input

6 Lawful Interception TC in ETSI
- ETSI/Technical Committee Security (TC SEC)
  - Working Group Lawful Interception (SEC-WGLI) (1997)
- ETSI/Technical Committee Lawful Interception (TC LI)
  - Established as stand-alone TC in Oct 2002
- Meetings
  - Three plenary meetings a year (65-75 participants)
  - Rapporteur meetings on specific technical issues (4 Rapp meetings per year average, participants)

7 What does ETSI TC LI do?
[Diagram. Labels as extracted: Handover, Retrieval, Cost Analysis, Political, Legal, Business, Relations, process, Storage, Interception]

8 Participation in ETSI TC LI
- Law Enforcement Agencies / Government organisations
  - NL, UK, DE, AS, S, GR, ES, FR, RU, FIN, IT, NO, CY, HU
  - USA, CA, AU, KR
- Operators
  - KPN (NL), DT (DE), BT (UK), TeliaSonera (S), Inmarsat, Telenor (NO), UPC, Telecom Italia, Telstra (AU), T-Mobile (DE), Vodafone (DE)
- Manufacturers (switch)
  - Nokia Siemens Networks, Ericsson, Cisco, Alcatel Lucent, Nortel, Marconi, Motorola
- Manufacturers (mediation / LEA equipment)
  - Pine Digital Security, Aqsacom, ETI, VeriSign, Siemens, GTEN, Utimaco Safeware, Verint, Detica, NICE Systems, Thales, AREA, ATIS Systems, SS8, Spectronic, Group 2000, ZTE
Manufacturers may be active in all areas

9 LI Handover Interface
- Handover Interface for Lawful Interception (TS )
  - Generic flow of information and procedures and information elements
  - Applicable to any future telecommunication network or service
  - Circuit switched and packet data
  - Covered technologies:
    - PSTN/ISDN
    - GSM
    - UMTS (CS)
    - GPRS
    - TETRA
    - wireline NGN (including PES)
    - wireline IMS
    - PSTN simulation

10 The ETSI LI Model

11 Types of Lawful Intercepted data
- Content of Communication (CC)
  - Information exchanged between two or more users of a telecommunications service
- Intercept Related Information (IRI)
  - Collection of information or data associated with telecommunication services involving the target identity:
    - communication associated information or data (including unsuccessful communication attempts)
    - service associated information or data (e.g. service profile management by subscriber)
    - location information

12 Handover Interface ports (TS )
- HI1: for administrative information
  - Request for lawful interception: target identity, LIID, start/duration, IRI or IRI+CC, IRI delivery address, CC delivery address,...
  - Management information
- HI2: for delivery of Intercept Related Information
  - All data related to establish the telecommunication service and to control its progress
  - Correlation information
- HI3: for delivery of Content of Communication
  - Transparent en-clair copy of the communication
  - Correlation information

13 Parameters in IRI records (TS )
- LI related identities
  - LIID, target, network operator, network element, call ID,...
- Timestamp
- Intercepted call direction (to / from target)
- Intercepted call state (in progress, connected)
- Address: Calling party / Called party / Forwarded-to-party /..
  - E164, TEL URI, IMSI, IMEI, MSISDN, SIP URI, …
- Ringing tone duration / conversation duration
- Type of intercept:
  - PSTN, ISDN, GSM (CS), TETRA, GPRS (PD), UMTS (CS)
- Supplementary service information
- Location information
- National parameters
- IRI record type (Begin, Continue, End, Report)
....

14 Handover of LI via IP Networks
- TS : Delivery of IP based interception
  - Handover aspects (based on TS ) for IP-based platforms
  - Header added to IRI and CC sent over the HI2 and HI3 interfaces
  - Protocols for transfer of IRI and CC across HO interfaces
  - Other parts define the service-specific IRI data formats
- Generic header information to be added to HI2 and HI3 traffic
  - LIID
  - Communication Identifier
  - Sequence number
  - Timestamp
  - Payload direction
  - IRI record type (Begin, Continue, End, Report)
  - ...

15 IP Service-Specific Details (SSD)
- TS : SSD details for Services
  - Description for handover of messages (POP3, IMAP4)
- TS : SSD for Internet Access Services
  - Description for handover of Internet Access Information and TCP/IP information (DHCP, RADIUS)
- TS : SSD for Layer 2 Services
  - Description for LI functionality of Layer 2 access
- TS : SSD for IP Multimedia Services
  - Based on SIP and RTP, and services described by ITU-T H.323, H.248
- TS : SSD for PSTN/ISDN Services
- TS : SSD for Mobile Packet Services (drafting stage)

16 TS IP HO Family
[Diagram. Labels:
- TS Generic Headers: Handover manager, Delivery session, Transport layer, Network layer, Delivery network
- Layer labels: Application, Presentation, Session, Transport, Network and below
- part 02 SSD for Services
- part 03 SSD for Internet Services
- part 04 SSD for Layer-2 Services
- part 05 SSD for IP multimedia Services
- part 06 SSD for PSTN/ISDN Services
- part 07 SSD for Mobile Services]

17 Reference model for LI in IP networks (TR )
[Diagram, labelled (ETSI TR ). Labels:
- Domains: LEA Domain, CSP Domain
- Functions: LI Administration Function (AF), Lawful Interception Mediation Function (MF), Intercept Related Information Internal Interception Function (IRI - IIF), Content of Communication Internal Interception Function (CC - IIF), Content of Communication Trigger Function (CCTF)
- Handover interfaces (HI): HI1, HI2 (IRI), HI3 (CC)
- Internal interfaces: INI1a, INI1b, INI1c, INI2, INI3, CCCI, CCTI
- Parties: Law Enforcement Agency, Authorisation authority / Law Enforcement Agency]

18 LI scenario on a VoIP MM platform (TR )

19 Basic IP Multimedia message exchange (TR )

20 General on security of LI
- Protection of Target information
- Protection of Rooms, Systems, Connections, Signalling
- Local staff
  - Only authorised personnel have knowledge that interception has been activated on a target
- Target
  - Target should not be able to detect that interception is taking place
- Other parties
  - Other parties of any telecommunications service should not be able, by any means, to detect that any interception facility has been (de)activated or that interception is taking place
- DTR/LI
  - Security framework in Lawful Interception and Retained Data environment

21 LI specifications in 3GPP and TISPAN
- TS (3GPP TS ) Lawful interception requirements
  - provides basic interception requirements
  - partly based on ETSI TS
- TS (3GPP TS ) Lawful interception architecture and functions
- TS (3GPP TS ) Handover interface for Lawful Interception
- TS NGN Lawful Interception; Lawful Interception functional entities, information flow and reference points

22 Retained Data in EU
15th of March 2006: the European Parliament and the Council of the European Union adopted Directive 2006/24/EC on Data Retention
“Data generated or processed in connection with the provision of publicly available electronic communications services or of public communications networks need to be retained”

23 Relation of RD to LI
- Retention of Data is similar to LI
  - Process of providing information on private communications
  - Legally sanctioned
  - Concerns stored traffic, rather than traffic in transit (LI)
- In ETSI, the stakeholders are the same
  - Regulators
  - LI equipment vendors
  - Telecom equipment vendors
  - Communication Service Providers
- Similar technology and protocols
- Similar EU Regulatory framework

24 Applicability of the Directive
- The content of the communication (CC) is not part of the directive
  - only signaling (IRI)
- Storage of all types of communication:
  - Wireline
  - Wireless
  - Internet services
- Successful AND unsuccessful communication attempts
- Provided data must identify:
  - source of a communication
  - destination of a communication
  - date, time and duration of a communication
  - the type of communication
  - users' communication equipment
  - location of mobile communication equipment

25 Retained Data Handover Interface
[Diagram. Parties: Communication Service Provider; Requesting Authority / Law Enforcement Agency. Interfaces: Handover Interface HI-A (administrative); Handover Interface HI-B (transmission RD material)]

26 Retained Data Handover Protocol
[Message sequence diagram between LEA and CSP, captioned "Successful delivery". Labels as extracted:
- Results of RD request (HI-B)
- RES(ACK): Acknowledge Res message (HI-A)
- RESPONSE: confirm results have been sent (HI-A)
- REQ(ACK): Acknowledge request (HI-A)
- REQUEST: Request for Retained Data (HI-A)]

27 Modular approach
[Diagram. Labels:
- Framework standard
- Message sets for request and delivery
- Secure and reliable transport
- Annex: PSTN
- Annex: GSM
- Annex: Internet access services
- Annex: Multi-media services
- …]

28 Current RD working/study issues in TC LI
- ETSI TS (to be published) Requirements of LEAs for handling Retained Data
  - guidance and requirements for the delivery and associated issues of retained data of telecommunications and subscribers
  - set of requirements relating to handover interfaces for retained data
  - requirements to support the implementation of Directive 2006/24/EC
- ETSI TS (to be published) Handover interface for the request and delivery of retained data
  - handover requirements and handover specification for the data that is identified in EU Directive 2006/24/EC on retained
  - considers both the requesting of retained data and the delivery of the results
  - defines an electronic interface

29 More information

