The Home Subscriber Server (HSS) is a core network element in LTE (Long Term Evolution) architecture that plays a central role in managing user subscriptions, authentication, authorization, and mobility. It is an essential component of the EPC (Evolved Packet Core) and acts as the primary database for all user-related information in the LTE network.
HSS is the LTE counterpart of the HLR (Home Location Register) used in 2G/3G networks. However, HSS provides more advanced capabilities and supports the evolved features of IP-based mobile networks, including support for IMS (IP Multimedia Subsystem) services.
Core Functions of HSS in LTE
The HSS performs multiple critical tasks that support subscriber access, network mobility, and service delivery:
1. User Profile Management
The HSS stores detailed subscriber profiles, which include:
- IMSI (International Mobile Subscriber Identity)
- MSISDN (Mobile Subscriber ISDN Number)
- APN (Access Point Names) and allowed services
- QoS (Quality of Service) parameters
- Subscribed bearer types (default and dedicated)
- Roaming restrictions and access rights
This information is used by various LTE components like MME (Mobility Management Entity) and PCRF (Policy and Charging Rules Function) to deliver appropriate service levels to users.
2. Authentication and Authorization
One of the most critical roles of the HSS is authenticating users when they attach to the LTE network. The HSS communicates with the MME using the Diameter protocol over the S6a interface.
- It stores the user’s AUTN (Authentication Token) and KASME (Key for Access Security Management Entity).
- It provides these to the MME during the initial attach procedure to generate temporary session keys.
- It ensures that only legitimate UEs (User Equipments) can access the network.
This secure authentication is based on the EPS AKA (Evolved Packet System Authentication and Key Agreement) procedure.
3. Mobility Management
HSS assists in tracking the subscriber’s current location, even when moving across different tracking areas or eNodeBs. This is essential for enabling seamless handovers, especially during active data sessions.
- It maintains information about the MME Identity where the user is currently registered.
- This allows efficient routing of calls, SMS, and signaling messages to the correct serving node.
4. IMS Integration Support
The HSS is extended with IMS functions in networks that support voice over IP services, also known as VoLTE (Voice over LTE). In this scenario, the HSS provides service authorization and SIP registration support through its integrated SLF (Subscriber Location Function) and IMS Authentication.
IMS-enabled HSS communicates with the Call Session Control Function (CSCF) using the Diameter Cx and Dx interfaces.
5. Support for Roaming
When users roam into other networks, the visited network queries the HSS of the home network to verify identity and retrieve user profile settings. HSS allows roaming services by interacting securely across operator domains using standardized Diameter-based interfaces.
This enables consistent service delivery whether the subscriber is on the home network or a visited one.
6. Interfacing and Communication
The HSS communicates with multiple components across the LTE core:
| Component | Interface | Protocol | Purpose |
|---|---|---|---|
| MME | S6a | Diameter | User authentication, profile download, mobility support |
| CSCF (in IMS) | Cx/Dx | Diameter | IMS registration, user profile for VoLTE |
| SLF | Sh | Diameter | Service logic and application info exchange |
| PCRF | Sp | Diameter | Policy control, QoS enforcement |
HSS vs HLR
Though HSS evolved from the HLR of legacy networks, there are key differences:
- Protocol: HLR uses MAP (Mobile Application Part) over SS7; HSS uses Diameter over IP.
- Service Support: HLR supports circuit-switched services; HSS supports IP-based, packet-switched services.
- IMS Integration: HSS integrates IMS functions; HLR does not.
Virtualized and 5G Evolution
Modern HSS implementations are moving toward cloud-native and virtualized platforms (vHSS), which allow dynamic scaling and better integration with 5G core components. In 5G, HSS functionality is distributed into several Network Functions such as:
- UDM (Unified Data Management)
- AUSF (Authentication Server Function)
- UDR (Unified Data Repository)
These functions inherit and expand upon the roles originally handled by the HSS in LTE.
In summary, the HSS is a critical backbone of LTE networks that manages subscriber data, authenticates users, supports mobility, and facilitates service provisioning. It is indispensable for delivering secure, personalized, and uninterrupted services across both LTE and IMS networks.