5 Services offered by the HSS

29.5633GPP5G SystemHome Subscriber Server (HSS) services for interworking with Unified Data Management (UDM)Release 18Stage 3TS

Tools: ARFCN - Frequency Conversion for 5G NR/LTE/UMTS/GSM

5.1 Introduction

The HSS offers the following services via the Nhss interface:

– Nhss_UEAuthentication Service

– Nhss_SubscriberDataManagement Service

– Nhss_UEContextManagement service

All scenarios shown in the following clauses assume that the HSS is stateful and stores information in local memory. However, the HSS may be stateless and stores information externally in the EPS-UDR. If so, the stateless HSS makes use of Ud interface as specified in 3GPP TS 23.335 [6] and 3GPP TS 29.335 [19] to retrieve required data from the EPS-UDR and store them locally before processing an incoming request. Processing the incoming request may then include updating data in the EPS-UDR or subscribing to data change notifications at the EPS-UDR by using the Ud interface. After processing the incoming request, the HSS may delete the locally stored data.

Table 5.1-1 summarizes the corresponding APIs defined for this specification.

Table 5.1-1: API Descriptions

Service Name	Clause	Description	OpenAPI Specification File	apiName	Annex
Nhss_UEAuthentication Service	6.1	HSS UE Authentication Service	TS29563_Nhss_UEAU.yaml	nhss-ueau	A.2
Nhss_SubscriberDataManagement Service	6.2	HSS Subscriber Data Management	TS29563_Nhss_SDM.yaml	nhss-sdm	A.3
Nhss_UEContextManagement Service	6.3	HSS UE Context Management	TS29563_Nhss_UECM.yaml	nhss-uecm	A.4
Nhss_EventExposure	6.4	HSS Event Exposure	TS29563_Nhss_EE.yaml	nhss-ee	A.5

5.2 Nhss_UEAuthentication Service

5.2.1 Service Description

The Nhss_UEAuthentication service allows a NF consumer (UDM) to request calculation of a fresh Authentication Vector (AV) for 5G_AKA or EAP_AKA_PRIME and provide the calculated AV to the requesting NF.

5.2.2 Service Operations

5.2.2.1 Introduction

For the Nhss_UEAuthentication service the following service operation is defined:

– Get

The Nhss_UEAuthentication service is used by the UDM to request the HSS to, calculate a fresh authentication vector (AV) for authentication the method 5G_AKA or EAP_AKA_PRIME, and provide it to the UDM by means of the Get service operation. See 3GPP TS 23.632 [8] clause 4.2.2.

5.2.2.2 Get

5.2.2.2.1 General

The following procedure using the Get service operation is supported:

– Authentication Vector Retrieval

5.2.2.2.2 Authentication Vector Retrieval

Figure 5.2.2.2.2-1 shows a scenario where the NF service consumer (UDM) retrieves an Authentication Vector for the UE from the HSS (see also 3GPP TS 23.632 [8] clause 4.2.2). The request contains the UE’s identity (imsi), the serving network name, the authentication method (5G_AKA or EAP_AKA_PRIME) and may contain resynchronization info.

Figure 5.2.2.2.2-1: NF service consumer requesting an Authentication Vector

1. The NF service consumer sends a POST request (custom method: generate-av) to the HSS.

2a. The HSS responds with "200 OK" with the message body containing the authentication vector.

2b. If the operation cannot be authorized due to e.g. UE does not have required subscription data, HTTP status code "403 Forbidden" should be returned including additional error information in the response body (in "ProblemDetails" element).

On failure, the appropriate HTTP status code indicating the error shall be returned and appropriate additional error information should be returned in the POST response body.

In the case of redirection, the HSS shall return 3xx status code, which shall contain a Location header with an URI pointing to the endpoint of another HSS (service) instance.

5.3 Nhss_SubscriberDataManagement Service

5.3.1 Service Description

This service is used to retrieve the subscriber data indicated by the requested data type from HSS. In this release, only the PGW-C+SMF FQDN for S5/S8 interface information is supported as requested data type. See 3GPP TS 23.632 [8], clause 6.1.4.

5.3.2 Service Operations

5.3.2.1 Introduction

For the Nhss_SubscriberDataManagement service the following service operations are defined:

– Get

– Subscribe

– ModifySubscription

– Unsubscribe

– Notification

The Nhss_SubscriberDataManagement service is used by Consumer NF (UDM) to retrieve the UE data from the HSS due to IRAT mobility by means of the Get service operation.

It is also used by consumer NFs to subscribe to notifications of data change by means of the Subscribe service operation.

It is also used by consumer NFs to modify an existing subscription by means of the ModifySubscription service operation.

It is also used by consumer NFs that have previously subscribed, to unsubscribe from notifications of data changes by means of the Unsubscribe service operation.

It is also used by Consumer NFs that have previously subscribed, to get notified by means of the Notification service operation.

5.3.2.2 Get

5.3.2.2.1 General

The following procedure using the Get service operation is supported:

– UE Context In PGW Data Retrieval

5.3.2.2.2 UE Context In PGW Data Retrieval

Figure 5.3.2.2.2-1 shows a scenario where the NF service consumer (UDM) sends a request to the HSS to retrieve the UE’s Context In PGW data. The request contains the UE’s identity (which shall be an IMSI) and the requested information.

Figure 5.3.2.2.2-1: Requesting a UE’s Context in PGW Data

1. The NF service consumer (e.g. UDM) shall send a GET request to the resource representing the UE’s Context In PGW Data.

2a. On Success, the HSS shall respond with "200 OK" with the message body containing the UE’s Context In PGW Data as relevant for the requesting NF service consumer.

2b. If there is no valid data for the UE, HTTP status code "404 Not Found" shall be returned including additional error information in the response body (in the "ProblemDetails" element).

On failure, the appropriate HTTP status code indicating the error shall be returned and appropriate additional error information should be returned in the GET response body.

In the case of redirection, the HSS shall return 3xx status code, which shall contain a Location header with an URI pointing to the endpoint of another HSS (service) instance.

5.3.2.3 Subscribe

5.3.2.3.1 General

The following procedures using the Subscribe service operation are supported:

– Subscription to notification of data change

5.3.2.3.2 Subscription to notifications of data change

Figure 5.3.2.3.2-1 shows a scenario where the NF service consumer (e.g. UDM) sends a request to the HSS to subscribe to notifications of data change. The request contains a callback URI and the URI of the monitored resource.

Figure 5.3.2.3.2-1: NF service consumer subscribes to notifications

1. The NF service consumer sends a POST request to the parent resource (collection of subscriptions) (…/{ueId}/subscriptions), to create a subscription as present in message body.

2b. If there is no valid subscription data for the UE, HTTP status code "404 Not Found" shall be returned including additional error information in the response body (in the "ProblemDetails" element).

2c. If the UE subscription data exist, but the requested subscription to data change notification cannot be created (e.g. due to an invalid/unsupported data reference to be monitored, contained in the SubscriptionData parameter), HTTP status code "501 Not Implemented" shall be returned including additional error information in the response body (in the "ProblemDetails" element).

On failure, the appropriate HTTP status code indicating the error shall be returned and appropriate additional error information should be returned in the POST response body.

In the case of redirection, the HSS shall return 3xx status code, which shall contain a Location header with an URI pointing to the endpoint of another HSS (service) instance.

5.3.2.4 Unsubscribe

5.3.2.4.1 General

The following procedures using the Unsubscribe service operation are supported:

– Unsubscribe to notification of data change

5.3.2.4.2 Unsubscribe to notifications of data change

Figure 5.3.2.4.2-1 shows a scenario where the NF service consumer sends a request to the HSS to unsubscribe from notifications of data changes. The request contains the URI previously received in the Location HTTP header of the response to the subscription.

Figure 5.3.2.4.2-1: NF service consumer unsubscribes to notifications

1. The NF service consumer sends a DELETE request to the resource identified by the URI previously received during subscription creation.

2a. On success, the HSS responds with "204 No Content".

2b. If there is no valid subscription available (e.g. due to an unknown subscriptionId value), HTTP status code "404 Not Found" should be returned including additional error information in the response body (in the "ProblemDetails" element).

On failure, the appropriate HTTP status code indicating the error shall be returned and appropriate additional error information should be returned in the DELETE response body.

In the case of redirection, the HSS shall return 3xx status code, which shall contain a Location header with an URI pointing to the endpoint of another HSS (service) instance.

5.3.2.5 Notification

5.3.2.5.1 General

The following procedures using the Notification service operation are supported:

– Data change notification to NF.

5.3.2.5.2 Data Change Notification To NF

Figure 5.3.2.5.2-1 shows a scenario where the HSS notifies the NF service consumer (that has subscribed to receive such notification) about subscription data change. The request contains the callbackReference URI as previously received in the SubscriptionData.

Figure 5.3.2.5.2-1: Subscription Data Change Notification

1. The HSS sends a POST request to the callbackReference as provided by the NF service consumer during the subscription.

2a. The NF service consumer responds with "204 No Content".

On failure, the appropriate HTTP status code indicating the error shall be returned and appropriate additional error information should be returned in the POST response body.

In the case of redirection, the NF Service Consumer shall return 3xx status code, which shall contain a Location header with an URI pointing to an alternative notification endpoint.

5.3.2.6 ModifySubscription

5.3.2.6.1 General

The following procedures using the ModifySubscription service operation are supported:

– Modification of a Subscription to notification of data change

5.3.2.6.2 Modification of a subscription to notifications of data change

Figure 5.3.2.6.2-1 shows a scenario where the NF service consumer sends a request to the HSS to modify a subscription to notifications of data changes. The request contains the URI previously received in the Location HTTP header of the response to the subscription.

Figure 5.3.2.6.2-1: NF service consumer modifies a subscription to notifications

1. The NF service consumer sends a PATCH request to the resource identified by the URI previously received during subscription creation.

2a. On success, the UDM responds with "204 No Content".

2c. If the operation cannot be authorized, HTTP status code "403 Forbidden" should be returned including additional error information in the response body (in "ProblemDetails" element)

On failure, the appropriate HTTP status code indicating the error shall be returned and appropriate additional error information should be returned in the PATCH response body.

In the case of redirection, the HSS shall return 3xx status code, which shall contain a Location header with an URI pointing to the endpoint of another HSS (service) instance.

5.4 Nhss_UEContextManagement Service

5.4.1 Service Description

The service allows an NF consumer (UDM) to trigger the cancellation of any previous registered serving node due to IRAT mobility. See 3GPP TS 23.632 [8], clause 6.1.3.

5.4.2 Service Operations

5.4.2.1 Introduction

For the Nhss_UEContextManagement service the following service operations are defined:

– SnDeregistration

– ImeiUpdate

– RoamingStatusUpdate

The Nhss_UEContextManagement service is used by Consumer NF (UDM) to request HSS to deregister the MME/SGSN via cancel location procedure and to update the IMEI and roaming status of the UE in the HSS.

5.4.2.2 SnDeregistration

5.4.2.2.1 General

The following procedure using the SnDeregistration service operation is supported:

– SN Deregistration

5.4.2.2.2 SN Deregistration

Figure 5.4.2.2.2-1 shows a scenario where the NF service consumer (UDM) requests HSS to initiate Cancel Location procedure towards the MME/SGSN due to IRAT mobility. The request contains the UE’s identity which shall be an IMSI.

Figure 5.4.2.2.2-1: SN Deregistration

1. The NF service consumer sends a POST request (custom method: deregister-sn) to the HSS; the request body contains the UE identity (IMSI) and the deregistration reason.

The HSS, based on the value indicated in the deregistration reason, initiates a Cancel Location towards the serving node, including a Cancellation Type value (see 3GPP TS 29.272 [17] and 3GPP TS 29.002 [20]) as follows:

– "UE_INITIAL_AND_SINGLE_REGISTRATION": S6a/S6d/Gr(S4/Gn/Gp) Cancel Location sent towards MME/SGSN, with a Cancellation-Type set to MME_UPDATE_PROCEDURE/SGSN_UPDATE_PROCEDURE; the HSS shall delete the stored MME/SGSN address and MME/SGSN number.

Additionally, a MAP D Cancel Location (IMSI) shall be sent towards MSC/VLR if a VLR number was found in the HSS/HLR for the user; the HSS/HLR shall delete the stored MSC/VLR number.

– "UE_INITIAL_AND_DUAL_REGISTRATION": S6d/Gr(S4) Cancel Location sent towards SGSN, with a Cancellation-Type set to SGSN_UPDATE_PROCEDURE; the HSS shall delete the stored SGSN address and SGSN number.

NOTE 1: As described in 3GPP TS 23.502 [3], a UE operating in dual-registration mode indicates that it is moving from EPS, which implies that there is an MME registered in HSS.

– "EPS_TO_5GS_MOBILITY": S6a Cancel Location sent towards MME, with a Cancellation-Type set to MME_UPDATE_PROCEDURE; the HSS shall delete the stored MME address and MME number.

Additionally, a MAP D Cancel Location (IMSI) shall be sent towards MSC/VLR if a VLR number was found in the HSS/HLR for the user; the HSS/HLR shall delete the stored MSC/VLR number.

– "EPS_TO_5GS_MOBILITY": S6d/Gr(S4) Cancel Location sent towards SGSN, with a Cancellation-Type set to SGSN_UPDATE_PROCEDURE; the HSS shall delete the stored SGSN address and SGSN number.

NOTE 2: Based on operator policy, and the presence of GUAMI in the DeregistrationRequest, the HSS can decide whether a registered VLR in the VPLMN needs to be cancelled. It should be noted that keeping the VLR registration can impact terminating services (e.g. T-ADS, MT-SMS…) causing failed paging attempts.

2a. On success, the HSS responds with "204 No Content". If the HSS has a valid subscription for the UE, but the UE is not registered in EPS network, the HSS shall respond with "204 No Content".

2b. If there is no valid subscription data for the UE, HTTP status code "404 Not Found" should be returned including additional error information in the response body (in the "ProblemDetails" element).

On failure, the appropriate HTTP status code indicating the error shall be returned and appropriate additional error information should be returned in the POST response body.

In the case of redirection, the HSS shall return 3xx status code, which shall contain a Location header with an URI pointing to the endpoint of another HSS (service) instance.

5.4.2.3 IMEI Update

Figure 5.4.2.3-1 shows a scenario where the NF service consumer (UDM) requests HSS to update the IMEI of the UE stored in the HSS. The request contains the UE’s identity which shall be an IMSI, and the new IMEI of the UE.

Figure 5.4.2.3-1: IMEI Update

1. The NF service consumer sends a POST request (custom method: imei-update) to the HSS; the request body contains the UE identity (IMSI) and the new IMEI of the UE.

2a. On success, the HSS responds either with "204 No Content", which indicates that the HSS does not have any stored IMEI(SV) value for the UE, or with a "200 OK", which indicates that the HSS had an IMEI value stored for the UE. In the latter case, the HSS shall update the locally stored IMEI value for the UE, and return in the response body the previous IMEI, so the NF Service Consumer (UDM) can determine whether the HSS contained a different IMEI value than the current one sent to the HSS in this IMEI Update notification.

On failure, the appropriate HTTP status code indicating the error shall be returned and appropriate additional error information should be returned in the POST response body.

In the case of redirection, the HSS shall return 3xx status code, which shall contain a Location header with an URI pointing to the endpoint of another HSS (service) instance.

5.4.2.4 Roaming Status Update

Figure 5.4.2.4-1 shows a scenario where the NF service consumer (UDM) requests HSS to update the Roaming Status of the UE stored in the HSS. The request contains the UE’s identity which shall be an IMSI, and the new PLMN-ID where the UE is located.

Figure 5.4.2.4-1: IMEI Update

1. The NF service consumer sends a POST request (custom method: roaming-status-update) to the HSS; the request body contains the UE identity (IMSI) and the new PLMN-ID of the UE.

2a. On success, the HSS responds with "204 No Content".

On failure, the appropriate HTTP status code indicating the error shall be returned and appropriate additional error information should be returned in the POST response body.

In the case of redirection, the HSS shall return 3xx status code, which shall contain a Location header with an URI pointing to the endpoint of another HSS (service) instance.

5.5 Nhss_EventExposure Service

5.5.1 Service Description

See 3GPP TS 23.632 [8].

5.5.2 Service Operations

5.5.2.1 Introduction

For the Nhss_EventExposure service the following service operations are defined:

– Subscribe

– Unsubscribe

– Notify

– ModifySubscription

The Nhss_EventExposure service is used by consumer NFs (e.g. UDM) to subscribe to notifications of event occurrence by means of the Subscribe service operation.

The Nhss_EventExposure service is also used by the consumer NFs (e.g. UDM) that have previously subscribed to notifications, to unsubscribe by means of the Unsubscribe service operation.

The Nhss_EventExposure service is also used by the subscribed consumer NFs (e.g. UDM) to modify an existing subscription by means of the ModifySubscription service operation.

5.5.2.2 Subscribe

5.5.2.2.1 General

The following procedures using the Subscribe service operation are supported:

– Subscribe to Notification of event occurrence

5.5.2.2.2 Subscription to Notification of event occurrence

Figure 5.5.2.2.2-1 shows a scenario where the NF service consumer sends a request to the HSS to subscribe to notifications of event occurrence. The request contains a callback URI, the type of event that is monitored and additional information e.g. SCEF Id, event filters and reporting options.

Figure 5.5.2.2.2-1: NF service consumer subscribes to notifications

1. The NF service consumer sends a POST request to the parent resource (collection of subscriptions) (…/{ueId}/ee-subscriptions), to create a subscription as present in message body. The request may contain an expiry time, suggested by the NF Service Consumer, representing the time upto which the subscription is desired to be kept active and the time after which the subscribed event(s) shall stop generating notifications. Additionally, the request may include an SCEF Id if Common Network Exposure is used (i.e. if combined SCEF+NEF requested the event(s) to be subscribed/monitored in EPC)

If MTC Provider information is received in the request, the HSS shall check whether the MTC Provider is allowed to perform this operation for the UE; otherwise, the HSS shall skip the MTC provider authorization check.

2a. On success, the HSS responds with "201 Created" with the message body containing a representation of the created subscription. The Location HTTP header shall contain the URI of the created subscription. If both HSS and NF consumer has indicated supporting of ERIR feature (see clause 6.4.8), the HSS shall include available immediate event reports, i.e. reports already received from MME, in the response body.

If some of the requested monitoring configurations fails, the response may include the failedMonitoringConfigs to indicate the failed cause of the failed monitoring configurations.

2b. If the user does not exist, HTTP status code "404 Not Found" shall be returned including additional error information in the response body (in the "ProblemDetails" element).

2c. If there is no valid subscription data for the UE, i.e. based on the UE’s subscription information monitoring of the requested EventType is not allowed, or the requested EventType is not supported, or the MTC Provider is not allowed to perform this operation for the UE, HTTP status code "403 Forbidden" shall be returned including additional error information in the response body (in the "ProblemDetails" element).

2d. In the case of redirection, the HSS shall return 3xx status code, which shall contain a Location header with an URI pointing to the endpoint of another HSS (service) instance.

2e. If the requested monitoring event types or reporting options are not supported, HTTP status code "501 Not Implemented" shall be returned including additional error information in the response body (in the "ProblemDetails" element).

On failure, the appropriate HTTP status code indicating the error shall be returned and appropriate additional error information should be returned in the POST response body.

5.5.2.3 Unsubscribe

5.5.2.3.1 General

The following procedures using the Unsubscribe service operation are supported:

– Unsubscribe to Notifications of event occurrence

5.5.2.3.2 Unsubscribe to notifications of event occurrence

Figure 5.5.2.3.2-1 shows a scenario where the NF service consumer sends a request to the HSS to unsubscribe from notifications of event occurrence. The request contains the URI previously received in the Location HTTP header of the response to the subscription.

Figure 5.5.2.3.2-1: NF service consumer unsubscribes to notifications

1. The NF service consumer sends a DELETE request to the resource identified by the URI previously received during subscription creation.

2a. On success, the HSS responds with "204 No Content".

2b. If there is no valid subscription available (e.g. due to an unknown SubscriptionId value), HTTP status code "404 Not Found" shall be returned including additional error information in the response body (in the "ProblemDetails" element).

On failure, the appropriate HTTP status code indicating the error shall be returned and appropriate additional error information should be returned in the DELETE response body.

In the case of redirection, the HSS shall return 3xx status code, which shall contain a Location header with an URI pointing to the endpoint of another HSS (service) instance.

5.5.2.4 Notify

5.5.2.4.1 General

The following procedures using the Notify service operation are supported:

– Event Occurrence Notification

5.5.2.4.2 Event Occurrence Notification

Figure 5.5.2.4.2-1 shows a scenario where the HSS notifies the NF service consumer (that has subscribed to receive such notification) about occurrence of an event. The request contains the callbackReference URI as previously received in the EeSubscription.

Figure 5.5.2.4.2-1: Event Occurrence Notification

1. The HSS sends a POST request to the callbackReference as provided by the NF service consumer during the subscription.

2a. The NF Service Consumer responds with "204 No Content".

On failure, the appropriate HTTP status code indicating the error shall be returned and appropriate additional error information should be returned in the POST response body.

In the case of redirection, the NF Service Consumer shall return 3xx status code, which shall contain a Location header with an URI pointing to an alternative notification endpoint.

5.5.2.5 ModifySubscription

5.5.2.5.1 General

The following procedures using the ModifySubscription service operation are supported:

– Modification of an EE-Subscription to notification of events

5.5.2.5.2 Modification of a subscription

The service operation is invoked by a NF Service Consumer, e.g. UDM, towards the HSS, when it needs to modify an existing subscription previously created by itself at the HSS.

The NF Service Consumer shall modify the subscription by using HTTP method PATCH with the URI of the individual subscription resource to be modified.

Figure 5.5.2.5.2-1: NF service consumer updates subscription

1. The NF service consumer (e.g. NEF) shall send a PATCH request to the resource representing a subscription. The modification may be for the events subscribed or for updating the event report options.

2a. On success, the request is accepted, the HSS shall respond with "204 No Content".

2b. If the resource does not exist e.g. the subscriptionId cannot be found, HTTP status code "404 Not Found" should be returned including additional error information in the response body (in the "ProblemDetails" element).

2c. If the modification can’t be accepted, HTTP status code "403 Forbidden" should be returned including additional error information in the response body (in the "ProblemDetails" element).

On failure, the appropriate HTTP status code indicating the error shall be returned and appropriate additional error information should be returned in the PATCH response body.

In the case of redirection, the HSS shall return 3xx status code, which shall contain a Location header with an URI pointing to the endpoint of another HSS (service) instance.