ROF

Resource Owner Function

Management →
Introduced in Rel-18

ROF is a 5G-Advanced management function that handles resource ownership and delegation, authorizing other operators to use network resources like spectrum in sharing scenarios.

Category
Management
Introduced
Rel-18
Where
Services › IMS
Specifications
3 specs
ROF Description Purpose Related Classification Detected Changes Specifications

Description

The Resource Owner Function (ROF) is a logical function defined in 3GPP Release 18 within the broader architecture for enhanced network sharing and multi-operator core networks. It is a policy and authorization control entity that represents the owner of a physical or virtual network resource. These resources can include radio spectrum, radio access network (RAN) infrastructure (like gNBs), or even specific network slices. The ROF exposes the capabilities and usage conditions of its owned resources and can grant, modify, or revoke usage rights to other authorized entities, known as Resource User Functions (RUF). The interaction is governed by policies and service level agreements (SLAs).

Architecturally, the ROF is part of the management and orchestration plane, often associated with the Network Resource Model (NRM) and Service Management and Orchestration (SMO) framework. It interfaces with the RUF, typically via standardized APIs (like the Northbound APIs of the SMO), to facilitate resource discovery, negotiation, and leasing. The ROF's key role is to make authorization decisions. For example, in a neutral host scenario where a building owner operates a private 5G network, the building owner's ROF could authorize multiple mobile network operators (MNOs) to use that RAN, with each MNO's management system acting as a RUF. The ROF enforces policies on resource isolation, quality of service, and security for each user.

How it works involves a multi-step process. First, a RUF discovers available resources by querying a ROF or a discovery service. The RUF then sends a resource usage request, specifying requirements. The ROF evaluates this request against its internal policies, SLAs, and current resource utilization. If authorized, the ROF provisions the resource for the RUF, which may involve configuring the RAN, allocating spectrum, or activating a network slice. The ROF continues to monitor the usage for compliance and can trigger re-negotiation or termination based on policy violations or contract end. Specifications such as TS 23.222 (architecture for network sharing) and TS 33.122 (security aspects) define the procedures and security requirements for these interactions, ensuring that authorization is secure and auditable.

Purpose & Motivation

The ROF was created to address the growing complexity and demand for flexible network sharing models in 5G and beyond. Traditional network sharing (like MORAN or MOCN) was relatively static and required complex, pre-negotiated contracts between a limited number of operators. The rise of neutral hosts, private networks, and dynamic spectrum sharing scenarios required a more agile, automated, and standardized way to manage resource ownership and access rights. The ROF provides a standardized logical function to enable these dynamic marketplaces for network resources.

It solves the problem of operational silos and manual processes in multi-operator environments. By having a clear ROF-RUF interface, different business entities can automatically negotiate and utilize shared infrastructure, lowering barriers to entry and fostering innovation. For instance, it enables an airport authority (ROF) to dynamically grant capacity on its private network to an airline (RUF) during peak hours. From a security perspective, TS 33.122 defines how to secure these delegation interactions, preventing unauthorized access and ensuring that the resource owner maintains control. The ROF is a key enabler for 5G-Advanced business models, moving beyond simple roaming to true resource-as-a-service paradigms.

Classification

Part ofNRM

Detected Changes Across Releases

from 3GPP Change Requests

Specific changes extracted from the „Change history“ tables of 3GPP specifications (27 CRs across 2 releases). Complements the general historical overview above with the evidence-based evolution of this function.

Rel-18 6 changes

In Release 18, the Resource Owner Function (ROF) was formally introduced as a defined entity responsible for enabling authorization, managing, and revoking resource owner authorization for API access, specifically for Resource Owner-aware Northbound API Access (RNAA) scenarios. This release specified that the CAPIF core function's authorization function interacts with the ROF via the new CAPIF-8 reference point to obtain this authorization, though the detailed procedures for this interaction remain for further study. The enhancements focus on enabling an API invoker, potentially on a UE, to access resources of another UE with explicit resource owner consent managed through this new function.

  • API invoker obtaining authorization from resource owner TS 23.222CR0093
  • Discover a proper AEF with owner information TS 23.222CR0094
  • Reducing resource owner consent inquiry in a nested API invocation TS 23.222CR0095
  • Security for resource owner aware northbound access to APIs TS 33.122CR0036
  • Clarification on resource owner ID TS 33.122CR0046
  • Resource owner function TS 33.122CR0072
Rel-19 21 changes

In Release 19, the Resource Owner Function (ROF) was significantly enhanced with new, specified procedures that were previously listed as "FFS" (For Further Study). These new capabilities include defined mechanisms for an API invoker to obtain, manage, and revoke resource owner authorization, as well as a specified procedure for the CCF (CAPIF Core Function) to interact with the ROF over the CAPIF-8 reference point to obtain this authorization. Furthermore, the release introduced explicit support for scenarios where a UE-deployed API invoker accesses resources owned by another UE or a group of UEs, contingent upon resource owner consent.

  • Requesting of collective resource owner authorization TS 23.222CR0205
  • UE-deployed API invoker accessing other UEs’ resources of a group TS 23.222CR0230
  • Resource owner consent upon service API invocation TS 23.222CR0233
  • Procedure for Revoking Resource Owner Authorization TS 23.222CR0243
  • Procedure for CCF Obtaining Resource Owner Authorization TS 23.222CR0244
  • Clarification on resource owner consent upon service API invocation TS 23.222CR0257

+ 15 more changes

Explore further

Broader topics and technologies where ROF plays a role.

Topics
OAM (Operations & Maintenance)Authentication (5G-AKA, EAP)Spectrum & CoexistenceRoaming & Interconnect5G NR (New Radio)Lawful Intercept
Technologies
5G-Advanced5G

Defining Specifications

3GPP specifications that define or reference ROF, with the latest known release. Sourced from the 3GPP document catalog — see methodology.

SpecificationTitleRelease
TS 23.222 vj80 Common API Framework for 3GPP Northbound APIs Rel-19
TS 23.700 vk00 XR Services Application Enablement Layer Rel-20
TS 33.122 vj20 Security Architecture for CAPIF Rel-19