3G security3GPP43.033Lawful InterceptionRelease 13Stage 2TS
The following picture shows the extract from the reference configuration which is relevant for activation, deactivation and interrogation of the lawful interception for the GPRS system.
Figure B.2: Functional model for GPRS Lawful Interception activation,
deactivation and interrogation
In addition to the typical GPRS functional entities, a new functional entity is introduced – the ADMF – the Lawful Interception administration function. The ADMF:
– interfaces with all the LEAs that may require interception in the PLMN;
– keeps the intercept activities of individual LEAs separate;
– interfaces to the PLMN.
Every physical SGSN or GGSN is linked by an own X1_1p-interface to the ADMF. Consequently, every single SGSN or GGSN performs interception (activation, deactivation, interrogation as well as invocation) independently from other SGSNs or GGSNs. The X0_1-interface represents the interface between the requester of the lawful interception and the Lawful administration function; it is included for completeness, but is beyond the scope of the present document.
The target identity for GPRS interception can be the IMSI, MSISDN or IMEI.
NOTE 1: Interception by MSISDN works only with the basic MSISDN.
In case of location dependent interception the following network/national options exist:
target location versus Interception Areas (IAs) check in the SGSN and Delivery Functions (DFs);
target location versus IAs check in the DFs. (physical co-location of the SGSN and DFs may be required by national law).
NOTE 2: The IA is previously defined by a set of cells. From the location of the target this set of cells permits to find the relevant IAs.
NOTE 3: The GGSN is not used for interception when location dependent interception is invoked in the network.