Transcript GSC16-GTSC9-06

Document No:
GSC16-GTSC-06
Source:
ETSI
Contact:
Mike Sharpe
Source: Charles Brookson (OCG /SECURITY Chair)
GSC Session:
GTSC-9
Agenda Item:
4.2
Cybersecurity
Presenter: Mike Sharpe,
ETSI VP ESP
(ETSI Standardization Projects)
Halifax, 31 Oct – 3 Nov 2011
ICT Accessibility For All
1
GSC16-GTSC9-06
Highlight of Current Activities
and Strategic Direction
• Cooperates with other to ESO’s
• Cybersecurity proposed joint initiative:
– STACS - Strategic Advisory Group on Cyber Security
• ETSI provides much of the supporting
Technical Standards
• Support to ENISA (European Network and
Information Security Agency)
– www.enisa.europa.eu
Halifax, 31 Oct – 3 Nov 2011
ICT Accessibility For All
2
GSC16-GTSC9-06
Areas of security standardisation
•
•
•
•
•
•
•
•
•
•
•
Next Generation Networks (NGN) including IMS
Mobile/Wireless Communications (GSM/UMTS, TETRA, DECT…)
Lawful Interception and Data Retention
Electronic Signatures
Smart Cards
Algorithms
Emergency Communications / Public Safety
RFID and the internet of things including “Machine to Machine”
Quantum Key Distribution (QKD)
Privacy protection techniques
Intelligent transport
Halifax, 31 Oct – 3 Nov 2011
ICT Accessibility For All
3
GSC16-GTSC9-06
Emergency Communications /
Public Safety
• EMTEL (ETSI Special Committee on Emergency
Telecommunications)
– Requirements for telecommunications infrastructure
• TETRA
– Core digital communications for PS organisations
• GSM to support public safety on-going work
– GSM on-board aircraft, eCall, GSM Direct Mode Operations
• Intelligent Transport
– Cooperative systems to improve transport
safety
Halifax, 31 Oct – 3 Nov 2011
ICT Accessibility For All
4
Future activities on
Cybersecurity
GSC16-GTSC9-06
• 7th ETSI Security Workshop: 18-19
January 2012
– www.etsi.org/securityworkshop
• ETSI Security White Paper
– www.etsi.org/securitywhitepaper
– 4th Edition to be published end 2011
Halifax, 31 Oct – 3 Nov 2011
ICT Accessibility For All
5
GSC16-GTSC9-06
Lawful Interception update
• ETSI
– Provides LI Technical standards for many years
• Including coordination with 3GPP SA3-LI
– Data retention (EC Directive)
• Balance
– Privacy and security
– Need for LI for evidence of Criminals and Terrorists
– We do not get much guidance ……… !
Halifax, 31 Oct – 3 Nov 2011
ICT Accessibility For All
6
GSC16-GTSC9-06
European
Telecommunications
Standards
Institute
SA3-LI
ATTM
TISPAN
Handover Interfaces for transport of
Lawful Interception and Retained Data
are standardized by
TETRA
Technical Committee
Lawful Interception
Retained Data
Lawful Interception
Security LI & RD
environment
Halifax, 31 Oct – 3 Nov 2011
ICT Accessibility For All
7
GSC16-GTSC9-06
Intro on ETSI/TC LI
.
• Created as stand-alone TC in October 2002
• Meetings
– three plenary meetings a year are organised (around 75 participants)
– dedicated Rapporteur’s meetings can be organised on a specific issue
(actual study items: Dynamic Triggering, eWarrant, DR Architecture)
• Participation
•
– Government organisations: Law Enforcement Agencies, Regulators
– Communication Service Providers
– Manufacturers
TC LI meetings can be attended by ETSI members
– non-ETSI members can participate by invitation of the chairman
– next plenary meeting: ETSI/TC LI#29, February 2012
• Producing specifications and reports
– on Lawful Interception and Retained Data handling
– mainly on the Handover Interface
• Promoting globally ETSI Lawful Interception and Data Retention
standards amongst operators and national bodies
Halifax, 31 Oct – 3 Nov 2011
ICT Accessibility For All
8
GSC16-GTSC9-06
Why Lawful Interception
implementation in EU
17th January 1995: EU Council of Ministers
adopted resolution COM 96/C329/01 on Lawful
Interception
The providers of public telecommunications
networks and services are legally required to
make available to the authorities the information
necessary to enable them to investigate
telecommunications
Halifax, 31 Oct – 3 Nov 2011
ICT Accessibility For All
9
GSC16-GTSC9-06
Types of Lawful Intercepted data
(TS 101 331)
• Intercept Related Information (IRI)
– Collection of information or data associated with
telecommunication services involving the target identity:
• communication associated information or data
(including unsuccessful communication attempts)
• service associated information or data
(e.g. service profile management by subscriber)
• location information
• Content of Communication (CC)
– Information exchanged between two or more users of a
telecommunications service
Halifax, 31 Oct – 3 Nov 2011
ICT Accessibility For All
10
GSC16-GTSC9-06
General network arrangements
network
Content of
Communication
communication
associated
information
Handover
Interface
interception
interface (internal)
result of
interception
(IRI + CC)
service
associated
information
location
information
Halifax, 31 Oct – 3 Nov 2011
(TS 101 331)
ICT Accessibility For All
Law
Enforcement
Monitoring
Facility
11
GSC16-GTSC9-06
Handover Interface ports
•
(TS 101 671)
HI1: for Administrative Information
– Request for lawful interception:
target identity, LIID, start/duration, IRI or IRI+CC,
IRI delivery address, CC delivery address, ...
– Management information
•
HI2: for delivery of Intercept Related Information (IRI)
– All data related to establish the telecommunication service and to control
its progress
– Correlation information
•
HI3: for delivery of Content of Communication (CC)
– Transparent en-clair copy of the communication
– Correlation information
Halifax, 31 Oct – 3 Nov 2011
ICT Accessibility For All
12
GSC16-GTSC9-06
Handover Interface Concept
(TS 101 671)
Halifax, 31 Oct – 3 Nov 2011
ICT Accessibility For All
13
GSC16-GTSC9-06
Why study on Retained Data in
EU
15th of March 2006: the European Parliament
and the Council of the European Union adopted
Directive 2006/24/EC on Data Retention
Data generated or processed in connection with the provision
of publicly available electronic communications services
or of public communications networks
need to be retained
Halifax, 31 Oct – 3 Nov 2011
ICT Accessibility For All
14
GSC16-GTSC9-06
Applicability Directive
• The content of the communication is not part of the directive
• Data to be Retained
– Successful and unsuccessful communication attempts
– Wireline network telephony / Wireless network telephony
– Internet access / Internet e-mail / Internet telephony
• Categories of data to be retained
–
–
–
–
–
data to trace and identify the source of a communication
data to identify the destination of a communication
data to identify the date, time and duration of a communication
data to identify the type of communication
data to identify users' communication equipment or what purports to
be their equipment
– data to identify the location of mobile communication equipment
• Detailed requirements shall be defined by each Member State in
its national law
Halifax, 31 Oct – 3 Nov 2011
ICT Accessibility For All
15
GSC16-GTSC9-06
Functional Model
(TS 102 657)
Authorised
Organization
Communication Service Provider
Administrative
Function
IHI-4
Network
elements
Data
Collection
Function
IHI-3
Mediation
Function-A
IHI-1
IHI-2
Mediation
Function-B
Data store
Management
Function
Handover
Interface HI-A
Issuing
Authority
administrative
Handover
Interface HI-B
transmission
RD material
Receiving
Authority
(DTR 103 657)
HI-A: various kinds of administrative, request and response information from/to the
Issuing Authority and the responsible organization at the CSP for RD matters.
HI-B: retained data information from the CSP to the Receiving Authority
HI-A and HI-B may be crossing borders between countries:
subject to corresponding national law and/or international agreements.
Halifax, 31 Oct – 3 Nov 2011
ICT Accessibility For All
16
GSC16-GTSC9-06
CSP
Retained Data Handover
Signalling principle
Successful
delivery
(TS 102
657)
AO
REQUEST: Request for Retained Data (HI-A)
REQUEST(ACK): Acknowledge request message (HI-A)
Response: Results of RD request (HI-B)
RESPONS(ACK): Acknowledge response message (HI-A)
 Data exchange techniques
 “direct TCP” with BER encoding derived from the ASN.1
 “HTTP” with XML encoding
• on top of the standard TCP/IP stack
• choice of technique is a national option
Halifax, 31 Oct – 3 Nov 2011
ICT Accessibility For All
17
Modular approach RDHI
specification
GSC16-GTSC9-06
Framework for Retained Data Handover Interface
Telephony
services
e.g.
PSTN/ISDN
GSM/UMTS-cs
SMS/MMS
Halifax, 31 Oct – 3 Nov 2011
Network
Access
services
Internet
GPRS
UMTS-ps
Asynchronous
Message
services
E-mail
webmail
ICT Accessibility For All
Synchronous
Multi-media
services
chat
18
GSC16-GTSC9-06
Retained Data requests
• A request may only ask for data from one service
–
–
–
–
Telephony services
Network access services
Asynchronous message services
Synchronous multi-media services
• A request may only ask for data from one category
–
–
–
–
–
Subscriber data
e.g. subscriber ID, name, address, NRI
Usage data
e.g. call records
Equipment data
Network element data
e.g. location and identity GSM base station
Additional service usage
e.g. DSN
• A request shall list one or more request criteria
– Equal To
– Range
– Member of
Halifax, 31 Oct – 3 Nov 2011
a specified value for a given field
a range for a given field (e.g. lower and upper bounds,
using the lessThan or greaterThan operators)
a list of values for a given field
ICT Accessibility For All
19
GSC16-GTSC9-06
Telephony Service Usage details
├ partyInformation
│ └ PartyInformation
│ ├ partyNumber
│ ├ subscriberID
│ ├ deviceID
│ ├ locations
│ ├ communicationTime
│ ├ iCCID
│ ├ iMSI
│ ├ natureOfAddress
│ ├ forwardedTransferredNumber
│ ├ terminatingTransferredNumber
│ ├ emailAddress
│ ├ iMEI
│ ├ detailedLocation
│ └ nationalTelephonyPartyInformation
│
Halifax, 31 Oct – 3 Nov 2011
│
│
├ communicationTime
├ eventInformation
│ └ TelephonyEventInformation
│ ├ time
│ ├ type
│ ├ party
│ └ location
├ endReason
├ communicationType
├ bearerService
├ smsInformation
├ ringDuration
├ mmsInformation
└ nationalTelephonyServiceUsage
ICT Accessibility For All
20
GSC16-GTSC9-06
Generic Subscriber Information details
GenericSubscriberInfo
organizationInfo
name
contactDetails
nationalRegistration
individualInfo
name
contactAddress
dateOfBirth
gender
identificationNumber
authenticationInfo
Halifax, 31 Oct – 3 Nov 2011
ICT Accessibility For All
21
GSC16-GTSC9-06
National DR Implementation
• Definition of the set of elements to be retained
• Definition of the format of the requests
• Which standard to be used for the request and for the
transport of the requested data (e.g. ETSI TS 102 657)
• Preparation of ETSI handover specification for national
implementation
–
–
–
–
–
definition of the optional elements for national use
how to use specific elements
definition of specific national elements
transport mechanism to be used
security mechanisms
Halifax, 31 Oct – 3 Nov 2011
ICT Accessibility For All
22
GSC16-GTSC9-06
Security Report
• ETSI TR 102 661
Security framework in Lawful Interception and
Retained Data environment
– defining a security framework for securing Lawful
Interception and Retained Data environment of the
CSP and the Handover of the information
– CSP= Communication Service Provider
– Advice on Security measurements
– Advice on Physical security
Halifax, 31 Oct – 3 Nov 2011
ICT Accessibility For All
23
GSC16-GTSC9-06
Challenges
• Many International and regional Initiatives
in this area
– Harmonisation and cooperation
• Regional co-ordination on issues, many of
our Standards have been adopted e.g.
Smart Cards, M2M, LI
Halifax, 31 Oct – 3 Nov 2011
ICT Accessibility For All
24
GSC16-GTSC9-06
Next Steps / Actions
• Further work with other ESOs
– CEN and CENELEC
• Standards for security in support of
citizens
Halifax, 31 Oct – 3 Nov 2011
ICT Accessibility For All
25