Hosting Party

Description

The Hosting Party (HP) is a functional role within the 3GPP security architecture, primarily specified for Proximity-based Services (ProSe) and later for Vehicle-to-Everything (V2X) communication. It is not a physical network element but a logical entity that participates in the authentication and authorization procedures. The HP typically resides outside the 3GPP operator's core network but is trusted by it through defined security associations and procedures. Its primary role is to host applications or service logic, such as a ProSe Application Server or a V2X Application Server, and to act on behalf of the actual service provider or user equipment in security exchanges.

Architecturally, the HP interfaces with the 3GPP network via standardized reference points, most notably with the ProSe Function in the core network. The security procedures involve the HP authenticating itself to the 3GPP network, often using credentials provisioned by the network operator or a trusted third party. Once authenticated, the HP can request authorization for specific services, such as enabling direct device-to-device communication for a set of users or managing group communication for V2X scenarios. The 3GPP network's ProSe Function validates these requests against user subscriptions and policies.

The HP's operation is governed by a security framework that ensures service legitimacy and protects network resources. Key components in this interaction include the HP's credentials (like certificates), the ProSe Function's authorization server capabilities, and the underlying authentication mechanisms (e.g., based on AKA variants). The HP may also be involved in key management, assisting in the secure distribution of keys used for encrypting or integrity-protecting direct communication between devices. This delegation model allows specialized service providers to leverage 3GPP authentication and network trust without needing to build their own cellular authentication infrastructure from scratch.

Purpose & Motivation

The Hosting Party concept was introduced to address the need for secure, delegated service hosting in emerging 3GPP service architectures, starting with Proximity Services in Release 9. Prior to this, services were typically either fully operator-hosted within the core network or entirely external with limited trust integration. This created a gap for third-party service providers who wanted to offer services that required tight integration with 3GPP authentication, mobility, and policy control—such as direct device-to-device communication for public safety or social applications.

The HP model solves this by defining a trusted intermediary role that can be authorized by the network operator. It enables a split responsibility where the operator manages the underlying subscriber authentication and network access, while the HP manages the application-layer service logic and user engagement. This is particularly critical for ProSe and V2X, where low-latency direct communication must be securely authorized and monitored. The HP framework provides a standardized way to establish this trust, preventing proprietary solutions and ensuring interoperability across different operators and service providers. It extends the 3GPP security perimeter in a controlled manner, facilitating innovation in services without compromising network security.

Key Features

• Acts as a logical trusted entity outside the 3GPP core network
• Integrates with ProSe Function for authentication and authorization
• Supports hosting of ProSe Application Server and V2X Application Server
• Participates in secure key management for direct communication services
• Enables delegated service management for third-party providers
• Utilizes 3GPP-defined security credentials and procedures

Evolution Across Releases

Defining Specifications