MNO Cloud Use Cases Source: Rogers Wireless Contact: Ed O’Leary George Babut 3GPP/SA3-LI#42Tdoc SA3LI11_104 Malta, 30 Aug – 01 Sep 2011

Rogers WirelessMNO Cloud Use cases 2 Introduction This document provides a brief description of the first Cloud Use Case from the List of potential Cloud Use Cases relevant to LI Work shown on slide 3

Rogers WirelessMNO Cloud Use cases 3 List of Potential Cloud Use Cases relevant to LI Work Use Case 1: File Sharing Service with single MNO Use Case 2: MNO uses a Cloud server Use Case 3: MNO uses a Cloud server that provides redirection Use Case 4: The MNO hosts a cloud in its network Use Case 5: SMB or Enterprise use multiple MNO networks Use Case 6: Same as Use Case 5, but each MNO has a Cloud Server that proxies (extension of Use Case 2) Use Case 7: Same as use case 6, however MNO cloud server provides redirection (extension of Use Case 2a) to the 3rd party cloud App server Use Case 8: SMB or Enterprise use multiple MNO with their own Clouds (extension of Use Case 5) Use Case 9: Enterprise extension to the cloud Use Case 10: Local Break out Note: This is not an exhaustive list of use cases

Rogers WirelessMNO Cloud Use cases 4 Rogers WirelessMNO Cloud Use cases 4 Use Case 1 General MNO offers a cloud service, File Sharing Service, see “Dropbox” as a real world example – The service can be white labelled by the MNO, such that the user does not know its from a third party The third party can choose its own third party provider for the service hosting The MNO may be a converged operator providing may access domains (3gpp, Non 3gpp, wireline, cable, Broadband) There are various business models offering the service which provide different architectures and implementations

Rogers WirelessMNO Cloud Use cases 5 Regulatory Domain Each regulatory Domain may have some constraints on the service delivery The File Sharing cloud infrastructure may be required to operate in the same domain as the LEA pending the delivery or lack of delivery of LI information

Rogers WirelessMNO Cloud Use cases 6 Use Case 1

Rogers WirelessMNO Cloud Use cases 7 Use Case 1 Description (1 of 3) In this case, a Small medium business (SMB) has opted to use File sharing Service for all its users. An MNO was selected that provides Broadband and Wireless connectivity and provides an integrated service across both domains of it users to access files, Read write and delete privileges are controlled by an Admin determined by the SMB for each user. This may or not be controlled by the MNO, but by preconfigured access rules to the Service. (ie initial setup) The MNO may have an Admin facility to the Cloud Service for user support (ie user set up configuration, clean up, network size, debug and problem resolution)

Rogers WirelessMNO Cloud Use cases 8 Use Case 1 Description (2 of 3) The service may use encryption from the application on the users device and provide end to end encryption from the application to the server. The files stored on the File Sharing Server may be encrypted (end to end security from user to user) The MNO may provide the encryption services The Cloud Service provider may provide the encryption service The user may provide its own encryption service

Rogers WirelessMNO Cloud Use cases 9 Use Case 1 Description (3 of 3) In this use case a third party service is used and that party has hosted the service on another third party application server. The Third party Service resides in a country not in the regulatory domain of the MNO nor LEA The third party APP Server is also not in the same regulatory domain as the MNO The service is setup that allows a user while not on the MNO network, to access the File sharing via another access domain ( ie Internet Cafe)

Rogers WirelessMNO Cloud Use cases 10 Use Case 1 LI Issues (1 of 2) While in the MNO domain, LI on the target is captured When the target is not on the MNO domain, and accessing the File Share, LI may not be captured. – The third party APP Server, may be in a different Regulatory Domain Regulatory procedures may block LI capture – Legal proceeding to block access, or to restrict information collected – Divulgence of the LI action can occur in the legal proceeding – Safe harbour risk management – The third party APP Server is in the same Regulatory Domain, but may be running an Application from a Third party Service Provider that is not in the same Regulatory Domain – Same as above – May not have access to the files or file system (application rules, application space, and or encryption, files may be store in a non native structure) The 3 rd party APP Server may not have LEA interfaces to support LI collection The 3 rd party Service provider may not provide LI access features or functions

Rogers WirelessMNO Cloud Use cases 11 Use Case 1 LI Issues (2 of 2) Use case example, Insider trading – User uses the internet cafe to post insider trading in the File Share, and deletes posts afterward. A warrant has already been issued on the suspected target prior to the insider trading. – Any and all traffic on the MNO is captured. Analysis of the existing data leads LEA to issue further warrants – Since the MNO is not supposed to know what going on, the Cloud service provider information may not have been passed to LEA A warrant to third party APP, may only provide a snap shot of the system the day the warrant was issued. – This warrant may be late, or delivery may be late A warrant to the 3 rd party Service provider, may provide a snap shot at the time the warrant was issued. – Log files may not be provided, – the file in question may not be retrieval able.

Rogers WirelessMNO Cloud Use cases 12 Recommendations There are cloud-specific LI aspects to be studied in SA3-LI It’s up to the group to discuss and decide how the work in this area should be tackled This is one of the basic use cases that we’ve identified, we should look also at the other identified use cases as per slide 3