IV. Network functions in NG-CORE
The physical boundary between traditional EPC network elements such as Mobile Management Entity (MME), Service Gateway (SGW), and Packet Gate Way (PGW) will cease to exit with the introduction of virtualization and software. The 5G Core (5GC) can be thus redesigned to become open and flexible. As mentioned earlier, the elements of service based architecture are defined using network functions (NFs). These interconnect with the other network functions using a single API calling interface for invoking the necessary services.
In this section, we discuss some of the primary NFs that form the basic working structure of the 5GC. Some NFs are still in debate of their functionality and interconnections.
Figure 3: AUSF Associations
A. Authentication Server Function (AUSF)
The evolution to 5G architecture has involved many network services into the domain. Interactions between network services, when done without proper identity management, would create security gaps in the system.
The AUSF component handles authentication requests for 3GPP access and non-3GPP access networks. This system resides in the operator’s home network. The entities inter-acting with AUSF for identity management is shown in Figure 3. The security architecture and procedures of 5G are discussed in 3GPP Release-15 .
The AUSF interacts with the Security Anchor Function (SEAF) in order to authenticate the User Equipment (UE). The set of values in the Universal Subscriber Identification Module (USIM) are used by the Authentication Credential Repository and Processing Function (ARPF). The subscription identifier is used to uniquely identify a subscription and to mutually authenticate the UE and the 5G core network.
The AUSF will serve as the termination point of user plane (UP) security, while providing the necessary authentication and authorization processes. It will also handle network slicing security and Enhanced International Mobile Subscriber Identity (IMSI) Privacy.
B. Access and Mobility Management Function (AMF)
The Access and Mobility Management Function (AMF) provides UE-based authentication, authorization and mobility management services. It is possible for a UE to access the network using different technologies such as WiFi, 4G, 5G, etc. However, the services listed above will be provided by one AMF instance .
Figure 4: AMF Reference Model.
The AMF offers services to the Session Management Function (SMF) described in the next section. It also provides services to other AMFs, Policy Control Functions (PCF), Short Message Service Function (SMSF), Location Management Function (LMF), Gateway Mobile Location Centre (GMLC) and NEF via the Name of service based interface ,  as shown in Figure 4.
Some of the key AMF services include registration, connection, reachability and mobility management. It also serves as termination points for RAN control-plane interface (N2). It also supports transport of session management messages between UE and SMF. It provides several other functions that are too detailed to list here.
C. Session Management Function (SMF)
The Session Management Function (SMF), as the name implies, handles management of UE sessions while also allocating IP addresses to UEs. It also selects and controls the UPF for data transfer. Per-session SMFs may be allocated to UEs with multiple sessions. It also interacts with the User Plane Function (UPF) for efficient routing of the user’s packets. The detailed set of functions is discussed in .
D. Network Exposure Function (NEF)
The Network Exposure Function (NEF) enables external exposure capabilities of network functions for supporting Monitoring, Provisioning and Policy/Charging. The network capability exposure comprises:
(i) Exposure of network events externally as well as internally towards core network NFs; (ii) Exposure of provisioning capability towards external functions; (iii) Exposure of policy and charging capabilities towards external functions; and (iv) Exposure of core network internal capabilities for analytics.
The Monitoring capability is for monitoring of specific event for UE in 5G System (5GS) and making such monitoring events information available for external exposure via the NEF. The Provisioning capability is for allowing external party to provision of information which can be used for the UE in 5GS. The Policy/Charging capability is for handling QoS and charging policy for the UE based on the request from external party.
Based on operator configuration NEF may perform bulk subscription with the NFs that provides necessary services. This feature is controlled by local policies of the NEF that control events (set of Event ID(s)) and UE(s) are target of a bulk subscription. When the NEF performs bulk subscription (i.e. all UEs or group of UE(s) (identifying a certain type of UEs such as IoT UEs)), NEF subscribes to all the NFs that provide the necessary services present in PLMN to that UE. Upon receiving bulk subscription from the NEF, the NFs store this information. Whenever the corresponding event(s) occur for the requested UE(s) as in bulk subscription request, NFs notify the NEF with the requested information.
The NEF also supports security when services or Application Functions (AF) access 5G Core nodes. In essence, it behaves like a proxy or API aggregator for the core.
E. Network Repository Function (NRF)
The Network repository functions (NRF) allows every network function to discover the services offered by other network functions. It supports the service discovery function by maintaining the set of NF profiles and the set of available NF instances.
A service is an atomized capability in a 5G network, with the characteristics of high-cohesion, loose-coupling, and independent management from other services. This allows individual services to be updated independently with minimal impact to other services and deployed on demand. A service is managed based on the service framework including service registration, service authorization, and service discovery. It provides a comprehensive and highly automated management mechanism implemented by NRF, which greatly reduces the complexity of network maintenance. A service will interact with other services in a light-weight manner.
F. Policy Control Function (PCF)
The Policy Control Function (PCF) governs the network behavior by supporting unified policy framework. It also provides policy rules to Control Plane function(s). For instance, it provides Access and Mobility Management related policies for the AMF; and UE policies for Access Network discovery and selection policies and UE Route Selection Policies.
The PCF is expected to be similar to 4G’s Policy and Charging Rules Function (PCRF) framework. This entity is still not framed in total; the current status is available in .
G. Unified Data Repository (UDR) and related functions
The 5G network will serve different service dimensions, collecting data from heterogeneous environments. The Unified Data Repository (UDR) is the network entity in the 5G Core Network (5GC) which stores user subscription data
Figure 5: Data Storage Architecture of 5G
policy data, structured data for exposure, and application-level meta data such as Packet Flow Descriptions (PFDs) , . It provides the necessary interfaces for storing and retrieving of data in the repository. It also supports means for subscription to and notification of subscribed data changes.
The data storage architecture for 5GC is shown in Figure 5. The interface is used by other network functions (such as UDM, PCF, and NEF) to access a particular set of the data stored in the UDR. UDR provides one DataRepository service to all of the NF consumers, while different types of data may have different data access authorizations. The UDR will also have an authorization management mechanism to guarantee the safety of data access and the information in the repository.
The operations serviced by UDR should be able to identify the NF type of the consumer and the service operation type or name. It will also indicate the requested data information including the data set and data subset, and the resource/data identifier. If there is an illegal service operation or data access request initiated by a NF consumer, the service failure response will be returned through the corresponding interface with an explicit cause value.
Related to the UDR is the the Unified Data Management (UDM) function. that offers services to AMF, SMF, SMSF, NEF and AUSF. The services include Subscription data storage, Context data management service Authentication service in collaboration with AUSF.
The subscription data management is used by NFs (AMF and SMF) to retrieve the UE’s subscription data relevant to the consumer NF from the UDM. It is also used by consumer NFs to subscribe or un-subscribe to notifications of data change. UDM offers consumer NFs (AMF, SMF, SMSF) that have previously subscribed, to get notified by means of the notification service operation when UDM decides to modify the subscribed data.
The UE Context Management Service is used by NFs to register at the UDM. It is also used by the registered consumer NFs (AMF) to get notified when UDM decides to de-register the registered consumer NF.
The UE Authentication service is used by the AUSF to request the UDM to select an authentication method, calculate a fresh authentication vector (AV) if required for the selected method, and provide it to the AUSF. The UE Authentication service is also used by the AUSF to inform the UDM about the occurrence of a
successful or unsuccessful authentication .
The Unstructured Data Storage Function (UDSF) function is a part of the UDM entity described above. Network Functions (NFs) can store/retrieve “unstructured” data from an Unstructured Data Storage Function (UDSF). This data is based on the state information of different NFs, intermediate representation of data crossing different radio technologies, etc. The UDSF is located in the same Public Land MobileNetwork (PLMN) as the NF and can be attached to multiple NFs. The data that NF chooses to store in a UDSF is not unstructured from the perspective of the NF, but can be unstructured from the perspective of the UDSF. In addition, security of sensitive data stored in a UDSF must be considered and can affect the transmission and storage of such data.
H. User Plane Function (UPF)
The UPF implements part of the SGW and PGW functionality from LTE’s EPC. In particular, it supports
packet routing and forwarding, packet inspection, and QoS handling. It also acts as an external PDU session point of interconnection to Data Network (DN), and is an anchor point for intra-RAT and inter-RAT mobility. This is one of the important functions and has to efficiently process packets within sub-milliseconds. Any slowdown in this function will significantly increase packet latency and reduce user’s quality-of-experience. The UPF utilizes the services of the Session Management Function (SMF) explained earlier.
I. Application Function (AF)
The Application Function (AF) enables application influence on traffic routing, accessing NEF, interaction
with policy framework for policy control. This function will have significant trust and security implications since the core functions are exposed to the application level. This function is already part of the LTE standard and hence the experience from 4G networks will help in the 5GC design and implementation. This section presented the important control and dataplane functions in the 5G core network. Network slicing is an important novel function of the architecture. The Network Slice Selection Function (NSSF) is explained in detail in the next section.