B.2.1 Activation

3G security3GPP43.033Lawful InterceptionRelease 13Stage 2TS

The following pictures show the information flow for the activation of the Lawful interception.

B.2.1.1 X1_1p-interface

The message sent from the ADMF to the GSN through the X1_1p interface contains the following:

– identity of the target ;

– information whether the IP shall be provided (see note 1);

– information whether the IRI shall be provided (see note 1);

– address of Delivery Function 2 (DF2P) for the IRI (see note 2);

– address of Delivery Function 3 (DF3P) for GPRS product (see note 3);

– IA in case of location dependent interception.

NOTE 1: As an option, the filtering whether intercept product and/or intercept related information has to be provided can be part of the delivery functions. If the option is used, the corresponding information can be omitted on the X1_1p-interface, while "information not present" means "intercept product and related information has to be provided" for the GSN. Furthermore the delivery function which is not requested has to be "pseudo-activated", in order to prevent error cases at invocation.

NOTE 2: As an option, only a single DF2P is used by and known to every SGSN or GGSN in the network. In this case the address of DF2P can be omitted.

NOTE 3: As an option, only a single DF3P is used by and known to every SGSN or GGSN in the network. In this case the address of DF3P can be omitted.

If after activation subsequently IP (Intercepted product) or IRI has to be activated an "activation change request" with the same target ID is to be sent.

Figure B.3: Information flow on X1_1p-interface for Lawful Interception activation

Interception of a target can be activated on request from different LEAs and each LEA may request interception via a different identity. In this case, each identity of the target on which to intercept will need to be sent via separate activation message from ADMF to GSN on the X1_1p-interface. Each activation can be for IP only, IRI only, or both IP and IRI.

When several LEAs request activation on the same identity then the ADMF determines that there are existing activations on the identity. In this case, the ADMF will not send an additional activation message to the GSN except when the activation needs to change from IP only or IRI only to IP and IRI. In that case an activation change message will be sent to the GSN.

B.2.1.2 X1_2p-interface (IRI)

For the delivery of IRI the message sent from the ADMF to the Delivery Function contains:

– the identity of the target;

– the address for delivery of IRI (= LEA address);

– which subset of information shall be delivered;

– a DF2P activation identity, which uniquely identifies the activation for DF2P and is used for further interrogation or deactivation, respectively;

– the warrant reference number if required by national option;

– IA in case of location dependent interception.

If a target is intercepted by several LEAs and/or several identities simultaneously, a single activation of delivery is necessary for each combination of LEA and identity.

Figure B.4: Information flow on X1_2p-interface for Lawful Interception activation

B.2.1.3 X1_3p-interface (IP)

For the delivery of GPRS intercept product the message sent from the ADMF to the Delivery Function contains:

– the identity of the target;

– the address of delivery for IP (= LEA address);

– a DF3 activation identity, which uniquely identifies the activation for delivery function 3 and is used for further interrogation or deactivation, respectively;

– the warrant reference number if required by national option;

– IA in case of location dependent interception.

If a target is intercepted by several LEAs and/or several identities simultaneously, a single activation of delivery is necessary for each combination of LEA and identity.

Figure B.5: Information flow on X1_3p-interface for Lawful Interception activation