How does the 5G Core network handle user authentication and authorization?
The 5G Core network, also known as 5GC, is a fundamental component of the 5G mobile communication system. User authentication and authorization in the 5G Core network involve several key procedures and elements. Here's a technical explanation of how the 5G Core network handles user authentication and authorization:
- Registration and Attach Procedure:
  - When a user device (UE - User Equipment) initiates communication with the 5G network, it goes through a registration and attach procedure. During this process, the UE establishes a connection with the network and provides some basic information.
- Authentication and Key Agreement (AKA):
  - A key part of user authentication in 5G is the Authentication and Key Agreement (AKA) procedure. This is an enhanced version of the AKA used in 4G (LTE). In AKA, the UE and the network authenticate each other and derive a set of cryptographic keys for securing the communication.
- Home Subscriber Server (HSS):
  - The HSS is a critical component in the 5G Core network that stores subscriber information, including authentication and authorization data. It's responsible for managing the subscriber profile and authentication vectors.
- Authentication Vector:
  - During the AKA procedure, the HSS generates an authentication vector containing a random challenge, the expected response, and other parameters. This vector is sent to the UE.
- Authentication in the UE:
  - The UE uses its secret key (Ki) to generate a response to the challenge received in the authentication vector. This response is sent back to the network.
- Authentication in the Network:
  - The network compares the received response with the expected response. If they match, the UE is considered authenticated. This step ensures that the UE possesses the correct authentication key and is a valid subscriber.
- Authorization:
  - Once authenticated, the network checks the subscriber's profile in the HSS to determine the level of service and permissions the user is entitled to. This step involves authorization and policy decisions based on the user's subscription and service agreements.
- Session Establishment:
  - With successful authentication and authorization, the 5G Core network establishes a session for the UE. This involves setting up the necessary data and control planes to enable communication services.
- Security Keys Update:
  - Periodically, the security keys used for securing the communication between the UE and the network are updated to enhance security. This process is part of the ongoing security management within the 5G Core network.
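
The challenge-response steps above (authentication vector, UE response, network comparison) as a runnable sketch; this is an added example, not code from the original page or from any 3GPP implementation. HMAC-SHA-256 stands in for the operator algorithm set (MILENAGE or TUAK), the sequence-number check is reduced to a simple counter, and the function names and sample key are constructed for illustration.

```python
import hashlib
import hmac
import secrets

# Simplified stand-in: deployed networks use MILENAGE or TUAK for these
# functions. HMAC-SHA-256 with distinct labels keeps the sketch stdlib-only.
def _f(key: bytes, label: bytes, *parts: bytes) -> bytes:
    return hmac.new(key, label + b"".join(parts), hashlib.sha256).digest()[:16]


def generate_vector(ki: bytes, sqn: int) -> dict:
    """Network side (the page's HSS): build one authentication vector."""
    rand = secrets.token_bytes(16)  # random challenge
    sqn_b = sqn.to_bytes(6, "big")
    return {
        "rand": rand,
        "autn": sqn_b + _f(ki, b"mac", sqn_b, rand),  # lets the UE check the network
        "xres": _f(ki, b"res", rand),                 # expected response, held by the network
        "session_key": _f(ki, b"key", rand),
    }


def ue_respond(ki: bytes, last_sqn: int, rand: bytes, autn: bytes):
    """UE side: verify the network's token, then answer the challenge."""
    sqn_b, mac = autn[:6], autn[6:]
    if not hmac.compare_digest(mac, _f(ki, b"mac", sqn_b, rand)):
        raise ValueError("MAC failure: challenge not from home network")
    sqn = int.from_bytes(sqn_b, "big")
    if sqn <= last_sqn:  # a reused challenge carries an old sequence number
        raise ValueError("sync failure: stale or replayed challenge")
    return _f(ki, b"res", rand), _f(ki, b"key", rand), sqn


def network_verify(vector: dict, res: bytes) -> bool:
    """Network side: constant-time comparison of RES against XRES."""
    return hmac.compare_digest(vector["xres"], res)


def demo() -> dict:
    ki = bytes.fromhex("00112233445566778899aabbccddeeff")  # constructed sample key
    av = generate_vector(ki, sqn=42)
    res, ue_key, sqn = ue_respond(ki, 41, av["rand"], av["autn"])
    return {"authenticated": network_verify(av, res),
            "keys_match": ue_key == av["session_key"], "sqn": sqn}


if __name__ == "__main__":
    print(demo())
```

In this sketch only `rand` and `autn` cross to the UE; `xres` never leaves the network side, so a matching `res` can only come from a device holding the same Ki.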