Description
The Home Subscriber Server (HSS) is the primary subscriber data repository and authentication center in 3GPP packet-switched core networks, including the IP Multimedia Subsystem (IMS). Architecturally, it is the evolution and fusion of the Home Location Register (HLR) and Authentication Center (AuC) from GSM networks, extended for IP-based services. It resides within the Home Public Land Mobile Network (HPLMN) and interfaces with numerous core network entities via the Diameter-based Cx, Sh, and S6a/S6d interfaces. Its central role is to manage the user's identity, service profile, and location information, making it indispensable for session establishment, mobility management, and service authorization.
The HSS stores a comprehensive set of permanent data for each subscriber, known as the User Profile. This includes the International Mobile Subscriber Identity (IMSI), Mobile Subscriber Integrated Services Digital Network Number (MSISDN), subscribed Quality of Service (QoS) parameters, and access point names (APNs) for data connectivity. For IMS services, it also stores the user's Private User Identity (IMPI), Public User Identity (IMPU), and associated service profiles that define telephony and multimedia service capabilities. During network attachment and session setup, the HSS works in tandem with other nodes: it provides authentication vectors (RAND, XRES, AUTN, CK, IK) to the Mobility Management Entity (MME) or Serving-Call Session Control Function (S-CSCF) to verify the user's identity and generate ciphering and integrity keys for secure communication.
Beyond authentication, the HSS is central to mobility management. It tracks the user's current serving node (e.g., MME in LTE, AMF in 5G) and, upon request, provides this information to entities like the Gateway Mobile Switching Center (GMSC) for mobile-terminated call routing. It also supports service provisioning by notifying application servers (via the Sh interface) of user profile changes or registration status. In 5G networks, its functions are partly assumed by the Unified Data Management (UDM), but the HSS remains crucial for legacy and interworking scenarios. Its robustness and high availability are paramount, as it is a single point of failure for subscriber management; therefore, it is often deployed in redundant, geographically separated configurations.
Purpose & Motivation
The HSS was created to address the limitations of the GSM-era HLR/AuC in the context of all-IP networks and the introduction of the IP Multimedia Subsystem (IMS). The traditional HLR was designed primarily for circuit-switched voice and SMS, using the MAP protocol. As 3GPP networks evolved to support high-speed packet data and rich multimedia services (VoIP, video calling, presence), a more flexible, IP-centric, and service-aware subscriber database was required. The HSS was standardized in 3GPP Release 5 as part of the IMS architecture to fulfill this need, providing a unified data store that could support both legacy circuit-switched mobility and new packet-switched IMS services.
Its creation solved several key problems. First, it consolidated subscriber data, eliminating the need for separate, synchronized databases for circuit-switched, packet-switched, and IMS domains, which reduced complexity and operational costs. Second, it introduced the Diameter protocol (replacing SS7 MAP for many interfaces), which is more suitable for IP networks, offering improved security, scalability, and support for attribute-value pairs (AVPs) for flexible data exchange. Third, it enabled sophisticated service profiles and triggers for IMS, allowing operators to offer personalized, multimedia services. The HSS became the cornerstone for enabling fixed-mobile convergence, roaming agreements for data and IMS services, and secure access to network resources, forming the foundation for the modern mobile broadband experience.
Classification
Detected Changes Across Releases
from 3GPP Change RequestsSpecific changes extracted from the „Change history“ tables of 3GPP specifications (83 CRs across 6 releases). Complements the general historical overview above with the evidence-based evolution of this function.
In Release 15, the HSS saw specific corrections and enhancements to its event reporting and interfaces, primarily focused on improving accuracy for EPS. The release introduced stage 2 and stage 3 corrections to the HSS-triggered Subscriber Record Change event for EPS, ensuring proper procedures. Additionally, it corrected incorrect references to HSS-triggered events within the SMS and MMS service clauses.
- WebRTC Web Server Function discovery TS 23.228CR1173
- Introduction of MC server initiated group de-affiliation procedure TS 23.280CR0026
- MC server initiated group de-affiliation from group(s) in partner system TS 23.280CR0053
- Priority between MC service servers TS 23.280CR0071
- Request for resources from MC service server TS 23.280CR0091
- Functional alias controlling role of MC service server TS 23.280CR0106
+ 22 more changes
In Release 16, the HSS was enhanced to support Service-Based Architecture (SBA) principles, including the definition of specific HSS services for IMS and procedures for HSS discovery and selection via the NRF. New capabilities were introduced, such as HSS Event Exposure for subscriber data monitoring and updates to group management for services like MCPTT. Furthermore, subscriber data management was extended to include new parameters like IAB-Operation-Permission.
- SBA HSS Services for IMS TS 23.228CR1200
- HSS Discovery and Interface Type Selection TS 23.228CR1201
- MCPTT server limits the number of simultaneous successful service authorisations TS 23.379CR0213
- HSS Event Exposure TS 29.563CR0004
- Proposal for affiliation status information in group management server TS 23.280CR0165
- Update of SBA HSS Services for IMS TS 23.228CR1211
+ 10 more changes
In Release 17, the HSS saw enhancements primarily to support service-based interfaces (SBI) and group communication services. Specifically, new SBI service definitions were introduced for the Generic Bootstrapping Architecture (GBA), and support was added for providing functional alias information to the group controlling server. Furthermore, the HSS was updated to better support interactions with the MC service server for network resource requests and to clarify procedures for group call information flows.
- Providing activated functional alias information to the group controlling server TS 23.280CR0207
- Request for network resources at session establishment from the MC service server TS 23.280CR0278
- Add missing server to server information flows for group calls TS 23.379CR0239
- HSS GBA SBI Services Definition TS 29.562CR0090
- HSS GBA SDM API Definition TS 29.562CR0095
- HSS GBA UEAU API Definition TS 29.562CR0096
+ 3 more changes
In Release 18, the HSS saw enhancements primarily for Mission Critical (MC) services and data channel support. New procedures were introduced, including a migration service de-authorization procedure initiated by an MC service server and ad hoc group call procedures involving multiple MCPTT systems. Furthermore, the release specified a new reference point between the HSS and the DCSF and updated the general description of the HSS service for the data channel.
- Reference point between HSS and DCSF TS 23.228CR1305
- Partner MC service server stores necessary information for communication redirection TS 23.280CR0355
- Migration service de-authorization procedure initiated by MC service server TS 23.280CR0363
- Information flows for the ad hoc group call procedures involving multiple MCPTT systems - Participants list determined by the MCPTT servers TS 23.379CR0332
- Ad hoc group call procedures involving multiple MCPTT systems - Participants list determined by the MCPTT servers TS 23.379CR0333
- Update general description of HSS service for data channel TS 23.228CR1347
+ 2 more changes
In Release 19, the HSS was enhanced to support direct interaction with an IMS Application Server (AS) via the Sh interface. This introduced new procedures for IMS AS registration to the HSS, HSS subscription to the IMS AS for event notifications, and an HSS-initiated IMS AS de-registration. These changes are supported by new commands, AVPs, and the Nhss_imsEE service for the IMS subscribe and notify framework.
- Clarify MME and HSS behavior on authentication in disaster roaming service TS 29.272CR0888
- Add IMS AS registration to HSS procedure via Sh interface TS 29.328CR0660
- Add HSS subscription to IMA AS and event notification procedure via Sh interface TS 29.328CR0661
- Add new value of Data-Reference AVP to support IMS AS registration to HSS TS 29.329CR0255
- Add commands and AVPs to support HSS subscription to IMS AS and event notification TS 29.329CR0256
- Support of IMS subscribe and Notify framework in HSS TS 29.562CR0155
+ 13 more changes
In Release 20, the HSS-related updates primarily involved enhancements for Mission Critical Push-To-Talk (MCPTT) services, specifically clarifying and resolving editor's notes on server-to-server information flows and procedures. The release also incorporated additional interactions between the HSS and other network functions like the LMS (Location Management Server) and MC Service Servers, as part of revised service capability interactions. These changes refined the HSS's role in supporting advanced group communication and service server coordination within the 3GPP architecture.
Explore further
Broader topics and technologies where HSS plays a role.
Defining Specifications
3GPP specifications that define or reference HSS, with the latest known release. Sourced from the 3GPP document catalog — see methodology.
| Specification | Title | Release |
|---|---|---|
| TR 21.905 vj00 | 3GPP Technical Terms and Definitions | Rel-19 |
| TR 22.980 vj00 | Network Composition Feasibility Study | Rel-19 |
| TS 23.127 v1600 | Virtual Home Environment Stage 2 Specification | Rel-6 |
| TS 23.141 vj00 | Presence Service Stage 2 Architecture | Rel-19 |
| TS 23.179 vd50 | MCPTT Functional Architecture | Rel-13 |
| TS 23.198 v1900 | Open Service Access (OSA); Stage 2 | Rel-9 |
| TS 23.218 vj00 | IMS Call Model Specification | Rel-19 |
| TS 23.228 vj50 | IMS Stage-2 Service Description | Rel-19 |
| TS 23.234 vd10 | 3GPP-WLAN Interworking Index | Rel-13 |
| TS 23.251 vj00 | Network Sharing Stage 2 Specification | Rel-19 |
| TS 23.271 vj00 | LCS Stage 2 Specification | Rel-19 |
| TS 23.278 vj00 | CAMEL for IMS Stage 2 Specification | Rel-19 |
| TS 23.280 vk10 | Common Architecture for Mission Critical Services | Rel-20 |
| TS 23.379 vk00 | MCPTT Functional Architecture | Rel-20 |
| TS 23.701 vc00 | WebRTC Access to IMS Architecture Study | Rel-12 |
| TR 23.732 vg00 | User Data Interworking, Coexistence, Migration Study | Rel-16 |
| TS 23.804 v1700 | SMS/MMS over IP Access Support | Rel-7 |
| TR 23.973 vj00 | Separate HSS/UDM Deployment Scenarios & Solutions | Rel-19 |
| TS 24.109 vj00 | HTTP Digest AKA & GAA Stage 3 | Rel-19 |
| TS 24.141 vj00 | Presence Service Protocol Details | Rel-19 |
| TS 24.147 vj00 | IMS Conferencing Protocol Details | Rel-19 |
| TS 24.206 v1700 | Voice Call Continuity Between CS and IMS | Rel-7 |
| TS 24.228 v1500 | IP Multimedia Call Control Signaling Flows | Rel-5 |
| TS 24.229 vj50 | IMS call control protocol based on SIP and SDP | Rel-19 |
| TS 24.234 vc20 | 3GPP-WLAN Interworking Network Selection | Rel-12 |
| TS 24.259 vj00 | Personal Network Management (PNM) Protocol Details | Rel-19 |
| TS 24.292 vj00 | IMS Centralized Services (ICS) Protocol | Rel-19 |
| TS 24.315 vj00 | Operator Determined Barring (ODB) for IMS | Rel-19 |
| TS 24.523 vj00 | NGCN-NGN Interconnection Scenarios | Rel-19 |
| TS 24.525 vj00 | Business Trunking Architecture & Requirements | Rel-19 |
| TS 24.819 v1700 | IMS Services via Fixed Broadband Access | Rel-7 |
| TS 24.841 v1600 | Presence Service IP Multimedia Subsystem | Rel-6 |
| TR 24.930 vj00 | IMS Session Setup Signalling Flows | Rel-19 |
| TS 26.119 vj00 | XR Media Capabilities for AR Devices | Rel-19 |
| TR 26.944 vj00 | QoE, ESQoS and SQoS metrics for 3G multimedia services | Rel-19 |
| TS 29.109 vj00 | GAA Bootstrapping Interfaces (Zh, Dz, Zn, Zpn) | Rel-19 |
| TS 29.175 vj40 | IMS AS Service-Based Interface Protocol | Rel-19 |
| TS 29.228 vj20 | Cx and Dx Interface Signaling Flows | Rel-19 |
| TS 29.229 vj10 | Diameter Protocol for Cx/Dx Interfaces | Rel-19 |
| TS 29.234 vb20 | WLAN-3GPP Interworking Stage-3 Protocol | Rel-11 |
| TS 29.272 vj40 | Diameter Interfaces for MME/SGSN | Rel-19 |
| TS 29.309 vj10 | Nbsp Service Based Interface for GBA BSF | Rel-19 |
| TS 29.328 vj20 | Sh and Dh Interfaces: HSS-AS Interactions | Rel-19 |
| TS 29.329 vj10 | Diameter Protocol for Sh Interface | Rel-19 |
| TS 29.562 vj40 | HSS Services for IMS & GBA Interworking | Rel-19 |
| TS 29.563 vj30 | TS 29563: Nhss services for HSS-UDM interworking | Rel-19 |
| TS 29.866 vj00 | IMS Disaster Prevention & Restoration Enhancement | Rel-19 |
| TS 32.101 vj00 | Management principles and high-level requirements | Rel-19 |
| TS 32.102 vj00 | Telecom Management Physical Architecture Framework | Rel-19 |
| TS 32.140 vj00 | Subscription Management (SuM) requirements | Rel-19 |
| TS 32.141 vj00 | Subscription Management (SuM) Architecture | Rel-19 |
| TS 32.271 vj20 | 3GPP LCS Charging Management Spec | Rel-19 |
| TS 32.272 vj00 | Charging for Push-to-Talk over Cellular (PoC) | Rel-19 |
| TS 32.277 vj20 | Charging Management for Proximity Services (ProSe) | Rel-19 |
| TS 32.278 vj00 | Monitoring Events Offline Charging Specification | Rel-19 |
| TS 32.280 vj00 | Advice of Charge (AoC) Framework | Rel-19 |
| TS 32.409 vj00 | IMS Performance Management Measurements | Rel-19 |
| TS 32.808 v1800 | Common User Profile Storage Framework | Rel-8 |
| TR 32.901 vj00 | UDC Application Data Models Study | Rel-19 |
| TS 33.107 vj00 | Lawful Interception Architecture & Functions | Rel-19 |
| TS 33.108 vj00 | LI Handover Interface Specification | Rel-19 |
| TS 33.203 vj10 | IMS Security Specification | Rel-19 |
| TS 33.220 vj00 | Generic Authentication Architecture (GAA); Generic Bootstrapping Architecture (GBA) | Rel-19 |
| TS 33.221 vj00 | Subscriber Certificate Distribution via GBA | Rel-19 |
| TS 33.222 vj00 | Secure HTTP Access in GAA | Rel-19 |
| TS 33.223 vj00 | GBA Push Function Specification | Rel-19 |
| TS 33.259 vj00 | Key Establishment between UICC Hosting & Remote Device | Rel-19 |
| TS 33.401 vj10 | EPS Security Architecture | Rel-19 |
| TS 33.545 vj20 | Security for NR Femto Subsystem | Rel-19 |
| TS 33.804 vc00 | Non-UICC SSO using SIP Digest credentials | Rel-12 |
| TS 33.820 v1830 | Home NodeB/eNodeB Security Architecture | Rel-8 |
| TS 33.835 vg10 | Study on authentication and key management for apps | Rel-16 |
| TS 33.859 vb10 | UTRAN Key Hierarchy Enhancement Study | Rel-11 |
| TS 33.863 ve20 | Security for Battery-Efficient IoT Device to Enterprise | Rel-14 |
| TR 33.919 vj00 | GAA Overview TR | Rel-19 |
| TR 33.924 vj00 | GBA-OpenID Interworking Specification | Rel-19 |
| TR 33.978 v1800 | Interim Security for Early IMS | Rel-8 |
| TR 33.980 vj00 | GAA & Liberty Alliance Interworking Guidelines | Rel-19 |