Reference number ISO/TR 11766:2010(E)
© ISO 2010

TECHNICAL REPORT ISO/TR 11766
First edition 2010-04-15

Intelligent transport systems - Communications access for land mobiles (CALM) - Security considerations for lawful interception

COPYRIGHT PROTECTED DOCUMENT

© ISO 2010

All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying and microfilm, without permission in writing from either ISO at the address below or ISO's member body in the country of the requester.

ISO copyright office
Case postale 56, CH-1211 Geneva 20
Tel. + 41 22 749 01 11
Fax + 41 22 749 09 47
E-mail copyright@iso.org
Web www.iso.org
Published in Switzerland

Contents

Foreword
1 Scope
2 Conformance
3 Normative references
4 Terms and definitions
5 Abbreviated terms
6 Overview
6.1 General requirement
6.2 Handover domain capabilities in CALM/ITS
6.3 Interception domain capabilities in CALM/ITS
7 Stage 1 description of the LI interception facility
7.1 General
7.2 Description
7.3 Procedures
7.4 Interaction with other services
8 Stage 2 description of the LI interception facility
Annex A (informative) LI requirement for EU/EFTA
Annex B (informative) LI requirement for the United States of America (USA)
Annex C (informative) LI requirement for Australia
Bibliography

Foreword

ISO (the International Organization for Standardization) is a worldwide federation of national standards bodies (ISO member bodies). The work of preparing International Standards is normally carried out through ISO technical committees. Each member body interested in a subject for which a technical committee has been established has the right to be represented on that committee. International organizations, governmental and non-governmental, in liaison with ISO, also take part in the work. ISO collaborates closely with the International Electrotechnical Commission (IEC) on all matters of electrotechnical standardization.

International Standards are drafted in accordance with the rules given in the ISO/IEC Directives, Part 2.

The main task of technical committees is to prepare International Standards. Draft International Standards adopted by the technical committees are circulated to the member bodies for voting. Publication as an International Standard requires approval by at least 75 % of the member bodies casting a vote.

In exceptional circumstances, when a technical committee has collected data of a different kind from that which is normally published as an International Standard (“state of the art”, for example), it may decide by a simple majority vote of its participating members to publish a Technical Report. A Technical Report is entirely informative in nature and does not have to be reviewed until the data it provides are considered to be no longer valid or useful.

Attention is drawn to the possibility that some of the elements of this document may be the subject of patent rights. ISO shall not be held responsible for identifying any or all such patent rights.

ISO/TR 11766 was prepared by Technical Committee ISO/TC 204, Intelligent transport systems.

1 Scope

This Technical Report reviews the ITS landscape and the provisions of lawful interception to ITS deployments. In particular it considers the CALM environment and the services offered in the IPv6 domain served by CALM and ITS in general.

2 Conformance

There are no conformance requirements. This clause is included to provide numerical consistency between this Technical Report and other CALM International Standards.

3 Normative references

The following referenced documents are indispensable for the application of this document. For dated references, only the edition cited applies. For undated references, the latest edition of the referenced document (including any amendments) applies.

ISO 21217, Intelligent transport systems - Communications access for land mobiles (CALM) - Architecture
ETSI ES 201 671, Telecommunications security; Lawful Interception (LI); Handover interface for the lawful interception of telecommunications traffic
ETSI TS 101 331, Telecommunications security; Lawful Interception (LI); Requirements of Law Enforcement Agencies

4 Terms and definitions

For the purposes of this document, the terms and definitions given in ISO 21217 and ETSI ES 201 671 apply.

5 Abbreviated terms

CSP   communication service provider
ECN   electronic communication network
ECS   electronic communication service
ITS   intelligent transport systems
IUR   International User Requirement 1)
LEA   law enforcement agency
LEMF  law enforcement monitoring facility
LI    lawful interception
MF    mediation function
OSS   operations support system
PoI   point of interception

1) The IUR is provided as an annex to Reference [11].

6 Overview

6.1 General requirement

A lawful interception (LI) capability is required to support the activities of LEAs. The requirements for LI have been developed by LEAs in the IUR and published for the specific needs of telecommunications providers in ETSI TS 101 331. The obligation to support and provide LI facilities applies to any CSP operating either an ECN or an ECS.

This Technical Report identifies the consequences for standardization of the provision of LI for CALM-based ITS. The core requirements in regional regulation that enforce LI are given in Annexes A to C, where the main impact is as follows.

- A CSP should provide mechanisms to ensure the interception and handover of signalling of specific users, if required to by a lawful authority.
- A CSP should provide mechanisms to ensure the interception and handover of the content of communication of specific users, if required to by a lawful authority.

The structure of a CSP is outlined in Figure 1, where providers of ECNs and ECSs are shown as specialisms of the generic CSP.

Figure 1 - Structure of CSP relationship to ECN and ECS

6.2 Handover domain capabilities in CALM/ITS

The CALM-based ITS network should interface to the LEA and its associated LEMF using the capabilities defined in ETSI ES 201 671 (where handover is provisioned over ISDN networks), or ETSI TS 102 232-1 [4] where handover is provisioned over packet switched (IP) networks, or using any appropriate handover interface defined by the LEA.

6.3 Interception domain capabilities in CALM/ITS

6.3.1 General

The general architecture for the interception domain (which covers both CALM and ITS) is defined in ETSI ES 201 158 [1] and the generic reference model for the interception domain is defined in ETSI TR 102 528 [3]. The internal intercept functions, namely the intercept related information internal intercept function (IRI-IIF), the content of communication internal intercept function (CC-IIF) and the content of communication trigger function (CCTF), and the internal interfaces INI1, INI2, INI3, content of communication trigger interface (CCTI) and content of communication control interface (CCCI), are also adopted for CALM and ITS (see Figure 2).

Figure 2 - Reference model for LI based on ETSI TR 102 528

The reference model describes the following functions and interfaces.

- IRI-IIF generates signalling intercept material.
- CC-IIF generates content intercept material.
- CCTF controls the CC-IIF.
- Internal interface INI1 carries provisioning information from the lawful interception administration function (AF) to the internal intercept functions (IIF).
- Internal interface INI2 carries intercept related information (IRI) from the IRI-IIF to the MF.
- Internal interface INI3 carries content of communication (CC) information from the CC-IIF to the MF.
- CCTI carries trigger information from the IRI-IIF to the CCTF.
- CCCI carries control information from the CCTF to the CC-IIF.

The model for LI is given as a UML class model in Figure 3.

Figure 3 - UML class model of interception

The key concepts shown in the model are as follows.

a) The “target” is a system user with the specialization that he is subject to interception.
b) The “point of interception” (PoI) is a specialization of a system functional entity (FE) that is also found in an FE (e.g. the PoI may be found in a call processing FE).

The data model for LI is given in Figure 4.

Figure 4 - Data model for LI

Interception data has two specializations:
- content (media streams);
- signalling.

The data contains sufficient information to identify the target, the LEA, and the direction of the data (to or from the target). In both the interception domain and the handover domain there should be a clear means to allow the LEA/LEMF to correlate content and signalling (i.e. content x arising from signalling y, belonging to a common target).

6.3.2 Characteristics of PoI

In the CALM architecture, routing nodes may be vehicles, roadside beacons, roadside concentrators and core network breakout points. Non-routing CALM nodes shall not be used for interception (i.e. end points do not act as the PoI). The use of CALM in a generic ITS architecture, as shown in Figure 5, is used to highlight those elements that may become a PoI.

NOTE The road-side unit might not have interfaces I7 and I8 in some deployments.

Figure 5 - CALM network interconnection reference model

Communications that traverse interfaces I3, I7, I6 and I4 may be intercepted. The physical location of the PoI should be in all cases at the fixed infrastructure end of the interface.

6.3.3 Characteristics of CALM and identification of CALM users

As shown in Figure 2, the target for LI is a specialization of a system user (where the system is ITS over CALM). CALM communications where the media has a public identity, e.g. 2G and 3G cellular networks, can be explicitly intercepted against the public identity.

7 Stage 1 description of the LI interception facility

7.1 General

The requirements given in both this clause and Clause 8 are examples of how a translation of the IUR could be presented in a future International Standard or other technical standard.

7.2 Description

In recognizing the need identified in Clause 6 for CSPs to support the activities of LEAs, the CSP should provide mechanisms to ensure the interception and handover of signalling and of the content of communication of specific users, if required to by a lawful authority. Where possible, the CSP should use existing facilities to hand over any intercepted information.

7.3 Procedures

7.3.1 Provision/withdrawal

The LI interception service shall always be provided.

7.3.2 Normal procedures

7.3.2.1 Activation/deactivation/registration

The LI interception service shall be activated upon issue of a valid interception order from an LEA. The LI interception service shall be deactivated when the interception order expires or as defined by the LEA.

7.3.2.2 Invocation and operation

The LI interception service shall be invoked on any communication from or to the target visible in the network.

7.3.2.3 Interrogation

Interrogation shall be possible only from an authorized user. For the purposes of interrogation, an authorized user is one who is allowed by both LEA and the network operator/service provider to administer the LI interception service.

7.4 Interaction with other services

There shall be no interaction, i.e. the invocation of LI shall not alter the operation of any service.

8 Stage 2 description of the LI interception facility

The stage 2 specification identifies the key functional elements for interception in a CALM/ITS network and the information flows associated with interception. The handover interface from which the LEA/LEMF receives intercepted material consists of the following three key elements.

- HI1: control information for administration of the interception (start, stop, target data, etc.).
- HI2: intercepted material relating to the signalling to and from the target.
- HI3: intercepted material relating to the content of communication to and from the target.

At the time of publication of this Technical Report, only HI2 and HI3 have been specified in international standards.

The HI2 interface is composed of the following four record types.

- IRI_Begin: Intercept related information (IRI) identifying the start of a stateful transaction and containing the user signalling (e.g. an ISDN voice call setup message).
- IRI_Continue: An IRI record identifying intermediate signalling in the course of a stateful transaction (e.g. invocation of a supplementary service during an ISDN voice call).
- IRI_End: An IRI record identifying the end of a stateful transaction (e.g. call clear in an ISDN voice call).
- IRI_Report: An IRI record that provides signalling information that is not directly related to a stateful transaction.
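The HI2 record sequencing in Clause 8 and the identification requirement in 6.3.1 (target, LEA, direction), as an added example that is not part of ISO/TR 11766 or of the referenced ETSI documents: a receiving-side consistency check over a stream of IRI records. The dict layout, the field names (type, cid, target, lea, direction), the direction values and the helper make_rec are assumptions made for illustration, not the handover encoding.

```python
REQUIRED = ("type", "target", "lea", "direction")   # assumed field names
STATEFUL = {"IRI_Begin", "IRI_Continue", "IRI_End"}
DIRECTIONS = {"to_target", "from_target"}           # assumed encoding


def check_hi2_stream(records):
    """Return (index, problem) pairs for records that break the HI2 rules."""
    open_tx = {}    # cid -> (target, lea) of each transaction in progress
    problems = []
    for i, rec in enumerate(records):
        missing = [f for f in REQUIRED if not rec.get(f)]
        if missing:
            problems.append((i, "missing " + ",".join(missing)))
            continue
        # cid: hypothetical correlation id tying one transaction's records
        kind, cid = rec["type"], rec.get("cid")
        owner = (rec["target"], rec["lea"])
        if rec["direction"] not in DIRECTIONS:
            problems.append((i, "bad direction"))
        if kind == "IRI_Report":
            continue                    # stateless: nothing to track
        if kind not in STATEFUL:
            problems.append((i, "unknown record type"))
        elif cid is None:
            problems.append((i, "stateful record without cid"))
        elif kind == "IRI_Begin":
            if cid in open_tx:
                problems.append((i, "duplicate IRI_Begin"))
            open_tx[cid] = owner
        elif cid not in open_tx:
            problems.append((i, kind + " without IRI_Begin"))
        elif open_tx[cid] != owner:
            problems.append((i, "target/LEA differs from IRI_Begin"))
        elif kind == "IRI_End":
            del open_tx[cid]
    # Transactions still open at end of stream never received IRI_End.
    problems += [(None, f"no IRI_End for {cid}") for cid in open_tx]
    return problems


# Constructed sample records (not real intercept data).
def make_rec(kind, cid=None, target="T-1", lea="LEA-A", direction="to_target"):
    return dict(type=kind, cid=cid, target=target, lea=lea, direction=direction)


SAMPLE = [make_rec("IRI_Begin", "tx1"), make_rec("IRI_Report"),
          make_rec("IRI_Continue", "tx1"), make_rec("IRI_End", "tx1"),
          make_rec("IRI_Continue", "tx2"), make_rec("IRI_Begin", "tx3", target="T-2")]
```

Running check_hi2_stream(SAMPLE) flags the IRI_Continue that has no preceding IRI_Begin and the transaction that is never closed; the IRI_Report passes because it is not tied to a transaction.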
Annex A
(informative)

LI requirement for EU/EFTA

This annex is provided to illustrate the regional requirements that apply in the EU/EFTA.

Operators subject to the authorization directive, i.e. those considered as communications service providers (CSP) in the context of the EU Framework Directive and the ECN&S regime, are required to support LI from statements made in the EU privacy directive