ETSI TS 101 671 V3.4.1 (2009-01)

Technical Specification
Lawful Interception (LI);
Handover interface for the lawful interception of
telecommunications traffic
�
2 ETSI TS 101 671 V3.4.1 (2009-01)

Reference
RTS/LI-00056
Keywords
data, handover, interface, Lawful Interception,
security, speech
ETSI
650 Route des Lucioles
F-06921 Sophia Antipolis Cedex - FRANCE

Tel.: +33 4 92 94 42 00  Fax: +33 4 93 65 47 16

Siret N° 348 623 562 00017 - NAF 742 C
Association à but non lucratif enregistrée à la
Sous-Préfecture de Grasse (06) N° 7803/88

Important notice
Individual copies of the present document can be downloaded from:
http://www.etsi.org
The present document may be made available in more than one electronic version or in print. In any case of existing or
perceived difference in contents between such versions, the reference version is the Portable Document Format (PDF).
In case of dispute, the reference shall be the printing on ETSI printers of the PDF version kept on a specific network drive
within ETSI Secretariat.
Users of the present document should be aware that the document may be subject to revision or change of status.
Information on the current status of this and other ETSI documents is available at
http://portal.etsi.org/tb/status/status.asp
If you find errors in the present document, please send your comment to one of the following services:
http://portal.etsi.org/chaircor/ETSI_support.asp
Copyright Notification
No part may be reproduced except as authorized by written permission.
The copyright and the foregoing restriction extend to reproduction in all media.

© European Telecommunications Standards Institute 2008.
All rights reserved.
TM TM TM TM
DECT , PLUGTESTS , UMTS , TIPHON , the TIPHON logo and the ETSI logo are Trade Marks of ETSI registered
for the benefit of its Members.
TM
3GPP is a Trade Mark of ETSI registered for the benefit of its Members and of the 3GPP Organizational Partners.
ETSI
3 ETSI TS 101 671 V3.4.1 (2009-01)
Contents
Intellectual Property Rights . 8
Foreword . 8
Introduction . 8
1 Scope . 9
2 References . 9
2.1 Normative references . 10
2.2 Informative references . 13
3 Definitions and abbreviations . 14
3.1 Definitions . 14
3.2 Abbreviations . 17
4 General requirements . 19
4.1 Basic principles for the Handover Interface . 19
4.2 Legal requirements . 19
4.3 Functional requirements . 19
5 Overview of Handover Interface . 20
5.1 Handover Interface port 1 (HI1) . 21
5.1.1 Manual interface . 21
5.1.2 Electronic interface . 21
5.2 Handover Interface port 2 (HI2) . 21
5.3 Handover Interface port 3 (HI3) . 22
6 Specific identifiers for LI . 22
6.1 Lawful Interception IDentifier (LIID) . 22
6.2 Communication IDentifier (CID) . 22
6.2.1 Network IDentifier (NID) . 23
6.2.2 Communication Identity Number (CIN) - optional . 23
7 HI1: Interface port for administrative information . 23
7.1 Information for the activation of lawful interception . 23
7.2 LI notifications towards the LEMF . 24
8 HI2: Interface port for Intercept Related Information . 24
8.1 Data transmission protocols . 24
8.1.1 Application for IRI (HI2 information) . 25
8.2 Types of IRI records . 25
9 HI3: Interface port for Content of Communication . 25
10 Performance and quality . 26
10.1 Timing . 26
10.2 Quality . 26
11 Security aspects . 26
11.1 Security properties . 26
11.2 Security mechanisms . 27
12 Quantitative aspects . 27
Annex A (normative): Circuit switched network handover . 28
A.1 Specific identifiers for LI . 28
A.1.1 CC Link IDentifier (CCLID) . 28
A.1.2 Circuit switched LI correlation between CC and IRI . 28
A.1.3 Usage of identifiers . 28
A.2 HI1: interface port for administrative state . 29
ETSI
4 ETSI TS 101 671 V3.4.1 (2009-01)
A.3 HI2: interface port for IRI . 29
A.3.1 Definition of Intercept Related Information (IRI) . 29
A.3.2 Structure of IRI records . 30
A.3.2.1 Control information for HI2. 30
A.3.2.2 Basic call information . 30
A.3.2.3 Information on Supplementary Services, related to a call in progress . 31
A.3.2.4 Information on non-call related Supplementary Services . 31
A.3.3 Selection of parameters for IRI records . 32
A.3.4 Coding of parameters in IRI records . 35
A.3.5 Information content of the IRI record types . 35
A.4 HI3: interface port for Content of Communication . 35
A.4.1 Delivery of Content of Communication (CC) . 35
A.4.1.1 Delivery of TETRA CC over circuit switched handover networks . 36
A.4.2 Delivery of packetized Content of Communication (CC) (general) . 36
A.4.2.1 Delivery of TETRA CC over packet switched handover networks . 37
A.4.3 Control information for circuit switched Content of Communication (CC) . 37
A.4.4 Exception handling . 38
A.4.4.1 Failure of CC links . 38
A.4.4.2 Fault reporting . 38
A.4.5 Security requirements at the interface port HI3 . 38
A.4.5.1 LI access verification . 39
A.4.5.2 Access protection . 39
A.4.5.3 Authentication . 39
A.5 LI procedures for circuit switched supplementary services . 39
A.5.1 General . 39
A.5.2 CC link Impact . 42
A.5.3 IRI impact, general principle for sending IRI records . 42
A.5.4 Multi party calls - general principles, options A, B . 42
A.5.4.1 CC links for active and non-active calls (option A) . 43
A.5.4.2 Reuse of CC links for active calls (option B) . 43
A.5.5 Subscriber Controlled Input (SCI): Activation/Deactivation/Interrogation of services . 44
A.6 Detailed procedures for circuit switched supplementary services . 44
A.6.1 Advice of Charge services (AOC) . 44
A.6.2 Call Waiting (CW) . 44
A.6.2.1 Call Waiting (CW) at target: CC links . 44
A.6.2.2 Call Waiting: IRI records . 44
A.6.2.2.1 Target is served user. 44
A.6.2.2.2 Other party is served user . 44
A.6.3 Call Hold/Retrie ve . 45
A.6.3.1 CC links for active and non-active calls (option A) . 45
A.6.3.2 Reuse of CC links for active calls (option B) . 45
A.6.3.3 IRI records . 45
A.6.3.3.1 Invocation of Call Hold or Retrieve by target . 45
A.6.3.3.2 Invocation of Hold or Retrieve by other parties . 45
A.6.4 Explicit Call Transfer (ECT) . 45
A.6.4.1 Explicit Call Transfer (ECT), CC link . 45
A.6.4.2 Explicit Call Transfer (ECT), IRI records . 45
A.6.5 Calling Line Identification Presentation (CLIP) (IRI Records) . 46
A.6.5.1 Call originated by target (other party is served user) . 46
A.6.5.2 Call terminated at target (target is served user) . 46
A.6.6 Calling Line Identification Restriction (CLIR) . 46
A.6.7 COnnected Line identification Presentation (COLP) . 46
A.6.7.1 Call terminated at target (other party is served user) . 46
A.6.7.2 Call originated by target (target is served user) . 46
A.6.8 COnnected Line identification Restriction (COLR) . 46
A.6.9 Closed User Group (CUG) . 46
A.6.10 Completion of Call to Busy Subscriber (CCBS) . 46
A.6.11 CONFerence call, add-on (CONF) . 47
A.6.11.1 CONFerence calls, add on: CC links . 47
A.6.11.2 Conference calls: IRI records. 47
ETSI
5 ETSI TS 101 671 V3.4.1 (2009-01)
A.6.12 Three party service (3PTY) (conference) . 47
A.6.12.1 CC links . 47
A.6.12.2 Three party service, IRI records . 47
A.6.13 Meet-Me Conference (MMC) . 47
A.6.14 Direct Dialling In (DDI) . 47
A.6.15 Multiple Subscriber Number (MSN) . 47
A.6.16 DIVersion services (DIV) . 48
A.6.16.1 Call Diversion by target . 48
A.6.16.1.1 Call Diversion by target, CC links . 48
A.6.16.1.2 Call Diversion by target, IRI records . 48
A.6.16.2 Forwarded call terminated at target . 48
A.6.16.3 Call from target forwarded . 49
A.6.17 Variants of call diversion services . 49
A.6.18 Void . 49
A.6.19 Malicious Call IDentification (MCID) . 49
A.6.20 SUBaddressing (SUB) . 49
A.6.21 Terminal Portability (TP) . 49
A.6.21.1 CC links . 49
A.6.21.2 IRI records . 49
A.6.21.2.1 Invocation of Terminal Portability by target . 49
A.6.21.2.2 Invocation of Terminal Portability by other parties . 49
A.6.22 User-to-User Signalling (UUS) . 49
A.6.23 Abbreviated Address (AA) . 49
A.6.24 Fixed Destination Call (FDC) . 50
A.6.25 Alarm Call (AC)/Wake-Up Service (WUS) . 50
A.6.26 Incoming Call Barring (ICB). 50
A.6.27 Outgoing Call Barring (OCB) . 50
A.6.28 Completion of Calls on No Reply (CCNR) . 50
A.6.29 Reverse charging . 50
A.6.30 Line hunting . 50
A.6.31 Message Wait Indication (MWI) . 50
A.6.32 Name display . 50
A.6.33 Tones, announcements . 51
A.7 Void . 51
A.8 GSM circuit switched technology annex . 51
A.8.1 Functional architecture . 51
A.8.2 Correlation of CC and IRI (see clause 6) . 52
A.8.3 HI3 (delivery of CC) . 52
A.8.4 HI2 (delivery of IRI) . 52
A.9 TETRA technology annex . 54
A.10 NGN PSTN/ISDN emulation and simulation services technology annex . 54
A.10.1 Functional architecture . 54
A.10.2 Correlation . 54
A.10.3 HI2. 54
A.10.4 HI3. 54
Annex B (normative): Packet switched network handover . 55
B.1 Specific identifiers for LI . 55
B.2 HI1: interface port for administrative state . 55
B.3 HI2: interface port for IRI . 55
B.3.1 Definition of Interception Related Information for packet switched . 55
B.3.2 Exception handling . 55
B.3.3 Security aspects . 55
B.4 HI3: interface port for Content of Communication (CC) . 56
B.5 GPRS technology annex . 56
B.5.1 Functional architecture . 56
ETSI
6 ETSI TS 101 671 V3.4.1 (2009-01)
B.5.2 Correlation . 57
B.5.2.1 Correlation of the present document IDs to GSM IDs . 57
B.5.2.2 GPRS LI correlation between CC and IRI . 57
B.5.3 HI2 (delivery of IRI) . 57
B.5.4 HI3 (Delivery of CC) . 58
Annex C (normative): HI2 Delivery mechanisms and procedures . 59
C.1 ROSE . 59
C.1.1 Architecture . 59
C.1.2 ASE_HI procedures . 59
C.1.2.1 Sending part . 59
C.1.2.2 Receiving part . 61
C.1.2.3 Data link management . 61
C.1.2.3.1 Data link establishment . 61
C.1.2.3.2 Data link release . 62
C.1.2.4 Handling of unrecognized fields and parameters . 62
C.1.3 Void . 62
C.2 FTP . . 62
C.2.1 Introduction . 62
C.2.2 Usage of the FTP . 63
C.2.3 Profiles . 64
C.2.4 File content . 66
C.2.5 Exceptional procedures . 66
C.2.6 Other considerations . 67
Annex D (normative): Structure of data at the Handover Interface . 68
D.1 Syntax definitions . 68
D.2 Object tree . 69
D.3 HI management operation . 70
D.4 LI management notification . 71
D.5 Intercept related information (HI2 PS and CS) . 73
D.6 User data packet transfer (HI3 CS) . 87
D.7 TETRA data transfer (HI3 interface) . . 88
D.8 Definition of the UUS1 content associated to the CC link . 88
D.9 Content of Communication (HI3 GPRS) . 90
Annex E (informative): Use of subaddress and calling party number to carry correlation
information . 91
E.1 Introduction . 91
E.2 Subaddress options . 91
E.3 Subaddress coding . 91
E.3.1 BCD values . 91
E.3.2 Field order and layout . 92
E.4 Field coding . 97
E.4.1 Direction . 98
E.4.2 Coding of the Calling Party Number . 98
E.5 Length of fields . 99
Annex F (informative): GPRS HI3 interface . 100
F.1 Functional architecture . 100
F.2 Correlation . 100
ETSI
7 ETSI TS 101 671 V3.4.1 (2009-01)
F.3 HI3 Delivery Content of Communication (CC) . . 100
F.3.1 GPRS LI correlation header . 101
F.3.1.1 Introduction. 101
F.3.1.2 Definition of GLIC header . 101
F.3.1.3 Exceptional procedure . 102
F.3.1.4 Other considerations . 103
F.3.2 FTP . 103
F.3.2.1 Introduction. 103
F.3.2.2 Usage of the FTP . 103
F.3.2.3 Profiles . 105
F.3.2.4 Exceptional procedures . 107
F.3.2.5 CC contents for FTP . 107
F.3.2.5.1 Fields . 107
F.3.2.5.2 Information Element syntax . 109
F.3.2.6 Other considerations . 111
Annex G (informative): LEMF requirements - handling of unrecognized fields and
parameters . 112
Annex H (informative): IP Multimedia Subsystem (IMS) handover . 113
H.1 Specific identifiers for LI . 113
H.1.1 Lawful interception identifier . 114
H.1.2 Network identifier . 114
H.1.3 Correlation number. 114
H.1.4 IRI for IMS . 115
H.1.4.1 Events and information . 116
H.1.5 Correlation indications of IMS IRI with GSN CC at the LEMF . 117
Annex I (informative): Latest ASN.1 module versions . 119
Annex J (informative): Bibliography . 120
Annex K (informative): Change Request history . 121
History . 125

ETSI
8 ETSI TS 101 671 V3.4.1 (2009-01)
Intellectual Property Rights
IPRs essential or potentially essential to the present document may have been declared to ETSI. The information
pertaining to these essential IPRs, if any, is publicly available for ETSI members and non-members, and can be found
in ETSI SR 000 314: "Intellectual Property Rights (IPRs); Essential, or potentially Essential, IPRs notified to ETSI in
respect of ETSI standards", which is available from the ETSI Secretariat. Latest updates are available on the ETSI Web
server (http://webapp.etsi.org/IPR/home.asp).
Pursuant to the ETSI IPR Policy, no investigation, including IPR searches, has been carried out by ETSI. No guarantee
can be given as to the existence of other IPRs not referenced in ETSI SR 000 314 (or the updates on the ETSI Web
server) which are, or may be, or may become, essential to the present document.
Foreword
This Technical Specification (TS) has been produced by ETSI Technical Committee Lawful Interception (LI).
The ASN.1 module is also available as an electronic attachment to the original document from the ETSI site (see for
more details clause D.2).
Introduction
References within the main body of the present document are made if applicable to the 3GPP specification number with
in square brackets the reference number as listed in clause 2. In clause 2 "References" the corresponding ETSI
specification number is indicated with a reference to the 3GPP specification number. 3GPP specifications are available
faster than the equivalent ETSI specifications.
ETSI
9 ETSI TS 101 671 V3.4.1 (2009-01)
1 Scope
The present document is step 3 of a three-step approach to describe a generic Handover Interface (HI) for the provision
of lawful interception from a Network Operator, an Access Provider or a Service Provider (NWO/AP/SvP) to the
Law Enforcement Agencies (LEAs). The provision of lawful interception is a requirement of national law, which is
usually mandatory for the operation of any telecommunication service.
Step 1 contains the requirements for lawful interception from a users (LEAs) point of view and is published in
TS 101 331 [1].
Step 2 describes the derived network functions and the general architecture (or functional model) and is published in
ES 201 158 [2].
The present document specifies:
• the generic flow of information as well as the procedures and information elements, which are applicable to
any future telecommunication network or service;
• the network/service specific protocols relating to the provision of lawful interception at the Handover Interface
(HI), for the following networks/services:
- switched circuit; and
- packet data.
The technologies covered in the present document are: GSM, TETRA, GPRS, ISDN, PSTN, fixed NGN (including
PSTN/ISDN emulation) and fixed IMS PSTN simulation.
NOTE: As new networks and/or services are developed, the present document will be expanded as the relevant
standards become available.
2 References
References are either specific (identified by date of publication and/or edition number or version number) or
non-specific.
• For a specific reference, subsequent revisions do not apply.
• Non-specific reference may be made only to a complete document or a part thereof and only in the following
cases:
- if it is accepted that it will be possible to use all future changes of the referenced document for the
purposes of the referring document;
- for informative references.
Referenced documents which are not found to be publicly available in the expected location might be found at
http://docbox.etsi.org/Reference.
For online referenced documents, information sufficient to identify and locate the source shall be provided. Preferably,
the primary source of the referenced document should be cited, in order to ensure traceability. Furthermore, the
reference should, as far as possible, remain valid for the expected life of the document. The reference shall include the
method of access to the referenced document and the full network address, with the same punctuation and use of upper
case and lower case letters.
NOTE 1: While any hyperlinks included in this clause were valid at the time of publication ETSI cannot guarantee
their long term validity.
NOTE 2: The numbering of the references is kept in line with the numbering as used in version 1.1.1, version 2.1.1
and version 3.1.1 of ES 201 671, and used in previous versions of the present document.
ETSI
10 ETSI TS 101 671 V3.4.1 (2009-01)
NOTE 3: Periodically TS 101 671 is published as ES 201 671. A reference made in other ETSI deliverables to the
latest version of the TS version reflects the latest stable content from ETSI/TC LI.
2.1 Normative references
The following referenced documents are indispensable for the application of the present document. For dated
references, only the edition cited applies. For non-specific references, the latest edition of the referenced document
(including any amendments) applies.
[1] ETSI TS 101 331: "Lawful Interception (LI); Requirements of Law
...