Description
Authentication, Authorization, and Accounting (AAA) is a comprehensive security and management framework defined by 3GPP to control access to network resources, enforce policies, and record usage data. In the 3GPP architecture, AAA functions are primarily implemented within the Core Network, often interacting with the Home Subscriber Server (HSS) or Unified Data Management (UDM) for credential verification and user profile data. The framework is protocol-agnostic in concept but is commonly realized using the Diameter protocol (specified in 3GPP TS 29.229 and related specs) for communication between network functions, such as between a Policy and Charging Rules Function (PCRF) and an Online Charging System (OCS).
The process begins with Authentication, where a user or device proves its identity to the network, typically by presenting credentials (like an IMSI and a shared secret) that are verified against data stored in the HSS/UDM. This step ensures the entity is who it claims to be. Following successful authentication, Authorization determines what services, data rates, or network resources the user is permitted to access based on their subscription profile, current network policies, and service agreements. This is enforced by network elements like the Policy Control Function (PCF).
Finally, Accounting involves the collection of resource consumption data for purposes of billing, trend analysis, or capacity planning. This can be done in real-time (online charging) or as a batch process after the session (offline charging). The AAA framework integrates deeply with the 3GPP Policy and Charging Control (PCC) architecture, where authorization and accounting policies are dynamically applied and updated during a user session. Its role is critical not just for basic access but for enabling sophisticated service differentiation, secure network slicing, and flexible business models like sponsored data.
Purpose & Motivation
The AAA framework was created to address the fundamental requirements of commercial telecommunications networks: ensuring that only legitimate, paying subscribers can access services, that they use only the services they are entitled to, and that their usage can be accurately measured and billed. Prior to standardized AAA, early mobile networks had simpler, less scalable mechanisms for access control and billing. The formalization of AAA in 3GPP, beginning with Release 4, provided a structured, interoperable, and scalable model that could support the transition from circuit-switched voice to packet-switched data services and the complex service portfolios of 3G and beyond.
Its creation was motivated by the need for a unified security and management layer that could work across diverse access technologies (e.g., GPRS, WLAN interworking, 5G NR) and service types. It solves the problem of fragmented access control by providing a centralized point for credential verification and policy decision-making. Furthermore, it enables advanced business operations by supporting flexible charging models (pre-paid, post-paid, volume-based, time-based) and detailed auditing trails, which are essential for regulatory compliance and fraud prevention. In essence, AAA is the cornerstone that transforms a raw connectivity pipe into a secure, billable, and manageable commercial service.
Classification
Detected Changes Across Releases
from 3GPP Change RequestsSpecific changes extracted from the „Change history“ tables of 3GPP specifications (2 CRs across 2 releases). Complements the general historical overview above with the evidence-based evolution of this function.
Studied in Rel-4, normative work from Rel-16.
In Release 16, the AAA function was enhanced to support PCRF-based P-CSCF restoration procedures, improving service continuity. This introduces a mechanism within the All-IP Network (AIPN) framework to maintain authentication, authorization, and accounting during network element recovery. The update leverages the existing AIPN requirement to support appropriate mechanisms for identification and authentication across systems.
- Support of PCRF-based P-CSCF restoration TS 29.229CR0295
In Release 18, a key enhancement for the AAA function was the introduction of support for Standalone Non-Public Networks (SNPNs) to connect to the 5G Core network for Authentication, Authorization, and Accounting. This is specifically defined by the new capability for an "SNPN List with AAA connectivity to 5GC." This provides a standardized mechanism for these private networks to utilize the 5G system's identification and authentication procedures.
- SNPN List with AAA connectivity to 5GC TS 24.302CR0748
Explore further
Broader topics and technologies where AAA plays a role.
Defining Specifications
3GPP specifications that define or reference AAA, with the latest known release. Sourced from the 3GPP document catalog — see methodology.
| Specification | Title | Release |
|---|---|---|
| TS 22.258 v1700 | All-IP Network Service Requirements | Rel-7 |
| TR 22.935 vd00 | LCS Feasibility Study for 3GPP-WLAN Interworking | Rel-13 |
| TR 22.937 vd00 | FMC requirements for 3GPP-WLAN service continuity | Rel-13 |
| TR 22.978 vj00 | Feasibility of All-IP Network (AIPN) in 3GPP | Rel-19 |
| TR 22.980 vj00 | Network Composition Feasibility Study | Rel-19 |
| TS 23.141 vj00 | Presence Service Stage 2 Architecture | Rel-19 |
| TS 23.218 vj00 | IMS Call Model Specification | Rel-19 |
| TS 23.234 vd10 | 3GPP-WLAN Interworking Index | Rel-13 |
| TS 23.271 vj00 | LCS Stage 2 Specification | Rel-19 |
| TR 23.923 v1300 | Mobile IP+ Feasibility Study for UMTS/GPRS | Rel-4 |
| TS 24.229 vj50 | IMS call control protocol based on SIP and SDP | Rel-19 |
| TS 24.234 vc20 | 3GPP-WLAN Interworking Network Selection | Rel-12 |
| TS 24.302 vj00 | Access to EPC via non-3GPP networks; Stage 3 | Rel-19 |
| TS 28.204 vi11 | Charging management | Rel-18 |
| TS 28.402 vj00 | EPC and non-3GPP Interworking Performance Measurements | Rel-19 |
| TS 28.601 vc00 | Telecom management; CN and non-3GPP access NRM IRP Requirements | Rel-12 |
| TS 28.602 vc00 | CN & non-3GPP NRM IRP Information Service | Rel-12 |
| TS 28.611 vj00 | EPC-WLAN Interworking NRM IRP Requirements | Rel-19 |
| TS 28.879 vj10 | OAM for Service Management Exposure Study | Rel-19 |
| TS 29.201 vj00 | RESTful Rx Interface for AF-PC Communication | Rel-19 |
| TS 29.229 vj10 | Diameter Protocol for Cx/Dx Interfaces | Rel-19 |
| TS 29.234 vb20 | WLAN-3GPP Interworking Stage-3 Protocol | Rel-11 |
| TS 29.329 vj10 | Diameter Protocol for Sh Interface | Rel-19 |
| TS 29.336 vj10 | HSS Diameter Interfaces for PDN Interworking | Rel-19 |
| TS 29.806 vc10 | P-CSCF Restoration Analysis & Solutions | Rel-12 |
| TS 29.817 vc10 | Study on XML-based Rx interface for PCC | Rel-12 |
| TS 29.826 vd10 | P-CSCF Restoration Enhancements for WLAN | Rel-13 |
| TS 32.102 vj00 | Telecom Management Physical Architecture Framework | Rel-19 |
| TS 32.808 v1800 | Common User Profile Storage Framework | Rel-8 |
| TS 32.833 vb00 | Converged OSS End-to-End Management Study | Rel-11 |
| TS 33.107 vj00 | Lawful Interception Architecture & Functions | Rel-19 |
| TS 33.117 vk00 | Catalogue of General Security Assurance Requirements | Rel-20 |
| TS 33.203 vj10 | IMS Security Specification | Rel-19 |
| TS 33.210 vj20 | UMTS Security for IP Networks | Rel-19 |
| TS 33.234 vj00 | 3GPP-WLAN Interworking Security | Rel-19 |
| TS 33.320 vj00 | H(e)NB Subsystem Security Architecture | Rel-19 |
| TS 33.402 vj00 | Security for non-3GPP access to EPS | Rel-19 |
| TS 33.545 vj20 | Security for NR Femto Subsystem | Rel-19 |
| TS 33.820 v1830 | Home NodeB/eNodeB Security Architecture | Rel-8 |
| TS 33.822 v1800 | Security Architecture for Inter-Access Mobility | Rel-8 |
| TR 33.926 vk00 | Security Assurance Specification (SCAS) | Rel-20 |
| TR 33.978 v1800 | Interim Security for Early IMS | Rel-8 |
| TS 37.870 vd00 | Study on Multi-RAT Joint Coordination | Rel-13 |
| TR 38.810 vg70 | NR OTA Test Methods Study | Rel-16 |
| TS 43.318 vj00 | Generic Access Network (GAN) Stage 2 | Rel-19 |
| TR 43.901 vj00 | Generic Access to A/Gb Interface Feasibility Study | Rel-19 |
| TR 43.902 vj00 | GAN Enhancements Feasibility Study | Rel-19 |
| TS 44.318 vj00 | Generic Access Network (GAN) Interface Procedures | Rel-19 |