SIST-TS ETSI/TS 101 671 V2.8.1:2005

SLOVENSKI STANDARD
01-maj-2005
7HOHNRPXQLNDFLMVNDYDUQRVW±=DNRQLWRSUHVWUH]DQMH/,±,]URþLOQLYPHVQLN]D
]DNRQLWRSUHVWUH]DQMHWHOHNRPXQLNDFLMVNHJDSURPHWD
Telecommunications security; Lawful Interception (LI); Handover interface for the lawful
interception of telecommunications traffic
Ta slovenski standard je istoveten z: TS 101 671 Version 2.8.1
ICS:
33.020 Telekomunikacije na splošno Telecommunications in
general
2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.

Technical Specification
Telecommunications security;
Lawful Interception (LI);
Handover interface for the lawful interception of
telecommunications traffic
2 ETSI TS 101 671 V2.8.1 (2003-11)

Reference
RTS/LI-00009
Keywords
data, handover, interface, security, speech
ETSI
650 Route des Lucioles
F-06921 Sophia Antipolis Cedex - FRANCE

Tel.: +33 4 92 94 42 00  Fax: +33 4 93 65 47 16

Siret N° 348 623 562 00017 - NAF 742 C
Association à but non lucratif enregistrée à la
Sous-Préfecture de Grasse (06) N° 7803/88

Important notice
Individual copies of the present document can be downloaded from:
http://www.etsi.org
The present document may be made available in more than one electronic version or in print. In any case of existing or
perceived difference in contents between such versions, the reference version is the Portable Document Format (PDF).
In case of dispute, the reference shall be the printing on ETSI printers of the PDF version kept on a specific network drive
within ETSI Secretariat.
Users of the present document should be aware that the document may be subject to revision or change of status.
Information on the current status of this and other ETSI documents is available at
http://portal.etsi.org/tb/status/status.asp
If you find errors in the present document, send your comment to:
editor@etsi.org
Copyright Notification
No part may be reproduced except as authorized by written permission.
The copyright and the foregoing restriction extend to reproduction in all media.

© European Telecommunications Standards Institute 2003.
All rights reserved.
TM TM TM
DECT , PLUGTESTS and UMTS are Trade Marks of ETSI registered for the benefit of its Members.
TM
TIPHON and the TIPHON logo are Trade Marks currently being registered by ETSI for the benefit of its Members.
TM
3GPP is a Trade Mark of ETSI registered for the benefit of its Members and of the 3GPP Organizational Partners.
ETSI
3 ETSI TS 101 671 V2.8.1 (2003-11)
Contents
Intellectual Property Rights.8
Foreword.8
1 Scope.9
2 References.9
3 Definitions and abbreviations.12
3.1 Definitions.12
3.2 Abbreviations.15
4 General requirements.17
4.1 Basic principles for the Handover Interface .17
4.2 Legal requirements.17
4.3 Functional requirements.18
5 Overview of Handover Interface.18
5.1 Handover Interface port 1 (HI1).19
5.1.1 Manual interface.20
5.1.2 Electronic interface.20
5.2 Handover Interface port 2 (HI2).20
5.3 Handover Interface port 3 (HI3).20
6 Specific identifiers for LI .20
6.1 Lawful Interception IDentifier (LIID).21
6.2 Communication IDentifier (CID) .21
6.2.1 Network IDentifier (NID).21
6.2.2 Communication Identity Number (CIN) - optional .22
7 HI1: Interface port for administrative information.22
7.1 Information for the activation of lawful interception .22
7.2 LI notifications towards the LEMF .23
8 HI2: Interface port for Intercept Related Information.23
8.1 Data transmission protocols .23
8.1.1 Application for IRI (HI2 information) .23
8.2 Types of IRI records.24
9 HI3: Interface port for Content of Communication.24
10 Performance and quality.24
10.1 Timing.24
10.2 Quality.25
11 Security aspects.25
11.1 Security properties.25
11.2 Security mechanisms.25
12 Quantitative aspects.26
Annex A (normative): Circuit switched network handover .27
A.1 Specific identifiers for LI .27
A.1.1 CC Link IDentifier (CCLID).27
A.1.2 Circuit switched LI correlation between CC and IRI .27
A.1.3 Usage of Identifiers .28
A.2 HI1: interface port for administrative state .28
A.3 HI2: interface port for IRI .28
A.3.1 Definition of Intercept Related Information.28
A.3.2 Structure of IRI records.29
ETSI
4 ETSI TS 101 671 V2.8.1 (2003-11)
A.3.2.1 Control information for HI2.29
A.3.2.2 Basic call information.30
A.3.2.3 Information on Supplementary Services, related to a call in progress.30
A.3.2.4 Information on non-call related Supplementary Services .31
A.3.3 Selection of parameters for IRI records.31
A.3.4 Coding of parameters in IRI records .33
A.3.5 Information content of the IRI record types .33
A.4 HI3: interface port for Content of Communication.34
A.4.1 Delivery of Content of Communication .34
A.4.2 Delivery of packetized Content of Communication (general).35
A.4.3 Control information for circuit switched Content of Communication.35
A.4.4 Exception handling.37
A.4.4.1 Failure of CC links.37
A.4.4.2 Fault reporting.37
A.4.5 Security requirements at the interface port HI3.37
A.4.5.1 LI access verification.37
A.4.5.2 Access protection.38
A.4.5.3 Authentication.38
A.5 LI procedures for circuit switched supplementary services .38
A.5.1 General.38
A.5.2 CC link Impact .40
A.5.3 IRI impact, general principle for sending IRI records.41
A.5.4 Multi party calls - general principles, options A, B.41
A.5.4.1 CC links for active and non-active calls (option A).42
A.5.4.2 Reuse of CC links for active calls (option B) .42
A.5.5 Subscriber Controlled Input (SCI): Activation/Deactivation/Interrogation of services .43
A.6 Detailed procedures for circuit switched supplementary services.43
A.6.1 Advice of Charge services (AOC).43
A.6.2 Call Waiting (CW) .43
A.6.2.1 Call Waiting at target: CC links.43
A.6.2.2 Call Waiting: IRI records.43
A.6.2.2.1 Target is served user.43
A.6.2.2.2 Other party is served user.43
A.6.3 Call Hold/Retrieve.44
A.6.3.1 CC links for active and non-active calls (option A).44
A.6.3.2 Reuse of CC links for active calls (option B) .44
A.6.3.3 IRI records.44
A.6.3.3.1 Invocation of Call Hold or Retrieve by target.44
A.6.3.3.2 Invocation of Hold or Retrieve by other parties.44
A.6.4 Explicit Call Transfer (ECT).44
A.6.4.1 Explicit Call Transfer, CC link .44
A.6.4.2 Explicit Call Transfer, IRI records.44
A.6.5 Calling Line Identification Presentation (CLIP) (IRI Records).45
A.6.5.1 Call originated by target (target is served user) .45
A.6.5.2 Call terminated at target (other party is served user) .45
A.6.6 Calling Line Identification Restriction (CLIR) .45
A.6.7 COnnected Line identification Presentation (COLP) .45
A.6.7.1 Call terminated at target (target is served user) .45
A.6.7.2 Call originated by target (other party is served user).45
A.6.8 COnnected Line identification Restriction (COLR).45
A.6.9 Closed User Group (CUG) .45
A.6.10 Completion of Call to Busy Subscriber (CCBS) .45
A.6.11 CONFerence call, add-on (CONF).46
A.6.11.1 CONFerence calls, add on: CC links .46
A.6.11.2 Conference calls: IRI records.46
A.6.12 Three Party Service (Conference) .46
A.6.12.1 CC links.46
A.6.12.2 Three Party Service, IRI Records .46
A.6.13 Meet-Me Conference (MMC).46
A.6.14 Direct Dialling In (DDI).46
ETSI
5 ETSI TS 101 671 V2.8.1 (2003-11)
A.6.15 Multiple Subscriber Number (MSN).46
A.6.16 DIVersion services (DIV) .47
A.6.16.1 Call Diversion by target.47
A.6.16.1.1 Call Diversion by target, CC links .47
A.6.16.1.2 Call Diversion by target, IRI records .47
A.6.16.2 Forwarded call terminated at target .47
A.6.16.3 Call from target forwarded .47
A.6.17 Variants of call diversion services.48
A.6.18 Void.48
A.6.19 Malicious Call IDentification (MCID).48
A.6.20 SUBaddressing (SUB).48
A.6.21 Terminal Portability (TP) .48
A.6.21.1 CC links.48
A.6.21.2 IRI records.48
A.6.21.2.1 Invocation of Terminal Portability by target.48
A.6.21.2.2 Invocation of Terminal Portability by other parties .48
A.6.22 User-to-User Signalling (UUS) .48
A.6.23 Abbreviated Address (AA).48
A.6.24 Fixed Destination Call (FDC) .49
A.6.25 Alarm Call (AC)/Wake-Up Service (WUS).49
A.6.26 Incoming Call Barring (ICB).49
A.6.27 Outgoing Call Barring (OCB) .49
A.6.28 Completion of Calls on No Reply (CCNR).49
A.6.29 Reverse charging.49
A.6.30 Line hunting.49
A.6.31 Message Wait Indication (MWI).49
A.6.32 Name display.49
A.6.33 Tones, announcements.50
A.7 Fixed network technologies annex.50
A.8 GSM circuit switched technology annex.50
A.8.1 Functional architecture.50
A.8.2 Correlation of CC and IRI (see clause 6) .51
A.8.3 HI3 (delivery of CC) .51
A.8.4 HI2 (delivery of IRI) .51
A.9 TETRA technology annex.52
Annex B (normative): Packet switched network handover .53
B.1 Specific identifiers for LI .53
B.2 HI1: interface port for administrative state .53
B.3 HI2: interface port for IRI .53
B.3.1 Definition of Interception Related Information for packet switched.53
B.3.2 Exception handling.53
B.3.3 Security aspects.53
B.4 HI3: interface port for Content of Communication.54
B.5 GPRS technology annex.54
B.5.1 Functional architecture.54
B.5.2 Correlation.55
B.5.2.1 Correlation of the present document ID's to GSM ID's .55
B.5.2.2 GPRS LI correlation between CC and IRI.55
B.5.3 HI2 (delivery of IRI) .55
B.5.4 HI3 (Delivery of CC) .56
Annex C (normative): HI2 Delivery mechanisms and procedures .57
C.1 ROSE.57
C.1.1 Architecture.57
C.1.2 ASE_HI procedures.57
ETSI
6 ETSI TS 101 671 V2.8.1 (2003-11)
C.1.2.1 Sending part.57
C.1.2.2 Receiving part.59
C.1.2.3 Data link management.59
C.1.2.3.1 Data link establishment .59
C.1.2.3.2 Data link release.60
C.1.2.4 Handling of unrecognized fields and parameters.60
C.1.3 Profiles.60
C.2 FTP.61
C.2.1 Introduction.61
C.2.2 Usage of the FTP.61
C.2.3 Profiles.62
C.2.4 File content.64
C.2.5 Exceptional procedures.64
C.2.6 Other considerations.64
Annex D (normative): Structure of data at the Handover Interface .66
D.1 Syntax definitions.66
D.2 Object tree.67
D.3 HI management operation.68
D.4 LI management notification.69
D.5 Intercept related information (HI2) .71
D.6 User data packet transfer (HI3 interface) .84
D.7 TETRA data transfer (HI3 interface) .85
D.8 Definition of the UUS1 content associated to the CC link.85
Annex E (informative): Use of sub-address and calling party number to carry correlation
information.87
E.1 Introduction.87
E.2 Subaddress options.87
E.3 Subaddress coding.88
E.3.1 BCD values.88
E.3.2 Field order and layout.88
E.4 Field coding.93
E.4.1 Direction.93
E.4.2 Coding of the Calling Party Number.94
E.5 Length of fields.94
Annex F (informative): GPRS HI3 Interface.95
F.1 Functional architecture.95
F.2 Correlation.95
F.3 HI3 Delivery Content of Communication (CC) .96
F.3.1 GPRS LI correlation header .96
F.3.1.1 Introduction.96
F.3.1.2 Definition of GLIC header.96
F.3.1.3 Exceptional procedure.97
F.3.1.4 Other considerations.98
F.3.2 FTP.98
F.3.2.1 Introduction.98
F.3.2.2 Usage of the FTP .98
F.3.2.3 Exceptional procedures.100
F.3.2.4 CC contents for FTP .100
ETSI
7 ETSI TS 101 671 V2.8.1 (2003-11)
F.3.2.4.1 Fields.100
F.3.2.4.2 Information element syntax.102
F.3.2.5 Other considerations.104
Annex G (informative): LEMF requirements - handling of unrecognized fields and parameters .105
Annex H (informative): Bibliography.106
Annex I (informative): Change Request History.107
History .109

ETSI
8 ETSI TS 101 671 V2.8.1 (2003-11)
Intellectual Property Rights
IPRs essential or potentially essential to the present document may have been declared to ETSI. The information
pertaining to these essential IPRs, if any, is publicly available for ETSI members and non-members, and can be found
in ETSI SR 000 314: "Intellectual Property Rights (IPRs); Essential, or potentially Essential, IPRs notified to ETSI in
respect of ETSI standards", which is available from the ETSI Secretariat. Latest updates are available on the ETSI Web
server (http://webapp.etsi.org/IPR/home.asp).
Pursuant to the ETSI IPR Policy, no investigation, including IPR searches, has been carried out by ETSI. No guarantee
can be given as to the existence of other IPRs not referenced in ETSI SR 000 314 (or the updates on the ETSI Web
server) which are, or may be, or may become, essential to the present document.
Foreword
This Technical Specification (TS) has been produced by ETSI Technical Committee Lawful Interception (LI).
ETSI
9 ETSI TS 101 671 V2.8.1 (2003-11)
1 Scope
The present document is step 3 of a three-step approach to describe a generic Handover Interface for the provision of
lawful interception from a Network Operator, an Access Provider or a Service Provider (NWO/AP/SvP) to the Law
Enforcement Agencies (LEAs). The provision of lawful interception is a requirement of national law, which is usually
mandatory for the operation of any telecommunication service.
Step 1 contains the requirements for lawful interception from a users (LEAs) point of view and is published in
TS 101 331 [1].
Step 2 describes the derived network functions and the general architecture (or functional model) and is published in
ES 201 158 [2].
The present document specifies:
• the generic flow of information as well as the procedures and information elements, which are applicable to
any future telecommunication network or service;
• the network/service specific protocols relating to the provision of lawful interception at the Handover
Interface, for the following networks/services:
- switched circuit; and
- packet data.
The technologies covered in the present document are: GSM, TETRA, GPRS, ISDN and PSTN.
NOTE 1: Handover for TETRA is not fully developed.
NOTE 2: As new networks and/or services are developed, the present document will be expanded as the relevant
standards become available.
2 References
The following documents contain provisions which, through reference in this text, constitute provisions of the present
document.
• References are either specific (identified by date of publication and/or edition number or version number) or
non-specific.
• For a specific reference, subsequent revisions do not apply.
• For a non-specific reference, the latest version applies.
Referenced documents which are not found to be publicly available in the expected location might be found at
http://docbox.etsi.org/Reference.
NOTE: The numbering of the references is kept in line with the numbering as used in version 1.1.1 and
version 2.1.1 of ES 201 671.
[1] ETSI TS 101 331: "Telecommunications security; Lawful Interception (LI); Requirements of law
enforcement agencies".
[2] ETSI ES 201 158: "Telecommunications security; Lawful Interception (LI); Requirements for
network functions".
[3] ETSI ETR 330: "Security Techniques Advisory Group (STAG); A guide to legislative and
regulatory environment".
[4] Void.
ETSI
10 ETSI TS 101 671 V2.8.1 (2003-11)
[5] ETSI EN 300 356 (all parts): "Integrated Services Digital Network (ISDN); Signalling System
No.7 (SS7); ISDN User Part (ISUP) version 4 for the international interface".
[6] ETSI EN 300 403-1 (V1.2.2): "Integrated Services Digital Network (ISDN); Digital Subscriber
Signalling System No. one (DSS1) protocol; Signalling network layer for circuit-mode basic call
control; Part 1: Protocol specification [ITU-T Recommendation Q.931 (1993), modified]".
[7] Void.
[8] Void.
[9] Void.
[10] ETSI EN 300 061-1: "Integrated Services Digital Network (ISDN); Subaddressing (SUB)
supplementary service; Digital Subscriber Signalling System No. one (DSS1) protocol;
Part 1: Protocol specification".
[11] Void.
[12] Void.
[13] Void.
[14] ETSI EN 300 097-1: "Integrated Services Digital Network (ISDN); Connected Line Identification
Presentation (COLP) supplementary service; Digital Subscriber Signalling System No. one
(DSS1) protocol; Part 1: Protocol specification".
[15] Void.
[16] ETSI EN 300 130-1: "Integrated Services Digital Network (ISDN); Malicious Call Identification
(MCID) supplementary service; Digital Subscriber Signalling System No. one (DSS1) protocol;
Part 1: Protocol specification".
[17] ETSI EN 300 138-1: "Integrated Services Digital Network (ISDN); Closed User Group (CUG)
supplementary service; Digital Subscriber Signalling System No. one (DSS1) protocol;
Part 1: Protocol specification".
[18] Void.
[19] ETSI EN 300 185-1: "Integrated Services Digital Network (ISDN); Conference call, add-on
(CONF) supplementary service; Digital Subscriber Signalling System No. one (DSS1) protocol;
Part 1: Protocol specification".
[20] ETSI EN 300 188-1: "Integrated Services Digital Network (ISDN); Three-Party (3PTY)
supplementary service; Digital Subscriber Signalling System No. one (DSS1) protocol;
Part 1: Protocol specification".
[21] ETSI EN 300 207-1 (V1.2.5): "Integrated Services Digital Network (ISDN); Diversion
supplementary services; Digital Subscriber Signalling System No. one (DSS1) protocol;
Part 1: Protocol specification".
[22] Void.
[23] ETSI EN 300 286-1: "Integrated Services Digital Network (ISDN); User-to-User Signalling
(UUS) supplementary service; Digital Subscriber Signalling System No. one (DSS1) protocol;
Part 1: Protocol specification".
[24] Void.
[25] ETSI EN 300 369-1 (V1.2.4): "Integrated Services Digital Network (ISDN); Explicit Call Transfer
(ECT) supplementary service; Digital Subscriber Signalling System No. one (DSS1) protocol;
Part 1: Protocol specification".
[26] Void.
[27] Void.
ETSI
11 ETSI TS 101 671 V2.8.1 (2003-11)
[28] Void.
[29] ETSI EN 300 196-1 (V1.2.2): "Integrated Services Digital Network (ISDN); Generic functional
protocol for the support of supplementary services; Digital Subscriber Signalling System No. one
(DSS1) protocol; Part 1: Protocol specification".
[30] Void.
[31] ITU-T Recommendation Q.850: "Usage of cause and location in the Digital Subscriber Signalling
System No. 1 and the Signalling System No. 7 ISDN User Part".
[32] ETSI ETS 300 974: "Digital cellular telecommunications system (Phase 2+) (GSM); Mobile
Application Part (MAP) specification (GSM 09.02)".
[33] ITU-T Recommendation X.680: "Information technology - Abstract Syntax Notation One
(ASN.1): Specification of basic notation".
[34] ITU-T Recommendation X.690: "Information technology - ASN.1 encoding rules: Specification of
Basic Encoding Rules (BER), Canonical Encoding Rules (CER) and Distinguished Encoding
Rules (DER)".
[35] ITU-T Recommendation X.880: "Information technology - Remote Operations: Concepts, model
and notation".
[36] ITU-T Recommendation X.881: "Information technology - Remote Operations: OSI realizations;
Remote Operations Service Element (ROSE) service definition".
[37] ITU-T Recommendation X.882: "Information technology - Remote Operations: OSI realizations;
Remote Operations Service Element (ROSE) pr
...