5G Core Network Architecture: Detailed Guide

The 5G core network, as defined by 3GPP, is a cloud-aligned, service-based architecture that encompasses all 5G functions and interactions such as authentication, security, session management and traffic aggregation from end devices.

This architecture emphasizes the use of Network Function Virtualization (NFV) with virtualized software functions deployed using the Multi-access Edge Computing (MEC) infrastructure, which is central to 5G architectural principles.

5G Core Network Architecture
5G Core Network Architecture Components

The key advantages of 5G technology are faster data transmission speeds of up to multi-Gigabit/s, greater capacity to support a large number of IoT devices per square kilometer and lower latency of down to single-digit milliseconds, which is critical for applications such as connected vehicles in ITS applications and autonomous vehicles where near instantaneous response is necessary.

The 5G core network is completely software-based and native to the cloud, which allows for higher deployment agility and flexibility similar to the cloud.

Industry experts designed the 5G core to support the network functions of the 5G network, therefore, the 3GPP standard was developed which was named 5G core, it has the capability to control and manage network functions.

5G Core Network Architecture Components

The 5G Core Network Architecture Components include:

  • User Plane Function (UPF)
  • Unified Data Repository (UDR)
  • Unified Data Management (UDM)
  • Access and Mobility Management Function (AMF)
  • Authentication Server Function (AUSF)
  • Session Management Function (SMF)
  • Network Slice Selection Function (NSSF)
  • Network Exposure Function (NEF)
  • NF Repository Function (NRF)
  • Policy Control function (PCF)
  • Application Function (AF)
  • Data network (DN), e.g. operator services, Internet access or 3rd party services

Unified Data Management (UDM)

The Unified Data Management (UDM) system is responsible for managing the registration of network functions that serve the User Equipment (UE). It stores the Authentication Management Functions (AMFs) for the UE, as well as Session Management Functions (SMFs) per Packet Data Unit (PDU) session.

The UDM provides network functions with access to subscriber data based on consumer authorization, allowing the Network Exposure Function (NEF) to provide UE-related information.

Unified Data Management, is a centralized system that manages network user data, similar to the 4G network’s Home Subscriber Service (HSS), however, it is specifically built for 5G and is cloud-based.

It can be paired with the User Data Repository (UDR) that stores user data such as customer profiles, authentication information, and encryption keys. UDM operates on the control plane and uses microservices to communicate between the user plane and the control plane.

The storage space for all UDM information is located in a hyperconverged infrastructure (HCI). The 5G network and HCI are compatible because 5G requires virtualization, which HCI applies to compute, networking, and storage resources making the network fully virtualized.

UDM in 5G Core supports Following Functionalities:

  • Generation of 3GPP AKA Authentication Credentials
  • User Identification handling (e.g. storage and management of SUPI(Subscription permanent identifier)  of each subscriber in 5G system)
  • Support of de-concealment of privacy-protected subscription identifier (SUCI- Subscription concealed identifier)
  • Access authorization based on subscription data (e.g. roaming restrictions)
  • Support of session/service continuity e.g. by keeping SMF/DNN assignment of ongoing sessions
  • MT-SMS delivery support
  • LI functionality
  • Subscription management, SMS management

The UDM performs below parts of the 4G HSS Function:

  • Generation of Authentication and Key Agreement (AKA) credentials
  • User identification
  • Access authorization
  • Subscription management

Unified Data Repository (UDR)

The 5G Unified Data Repository (UDR) is a dual-core network function that includes the 3GPP’s 5G UDR and the 2G, 3G, and 4G UDR and Subscription Profile Repository (SPR).

It serves as an in-memory database that stores 5G core subscription and policy data, making it accessible through the standard Network Data Repository (Nudr) interface.

Additionally, UDR functions as an LDAP directory primarily storing 2G, 3G and 4G subscription and policy data, which is available through the User Data (Ud) interface.

UDR supports the storage and retrieval of subscription data by the Unified Data Management (UDM) and of policy data by the Policy Control Function (PCF). It also manages structured data for exposure by the Network Exposure Function (NEF).

Access and Mobility Management Function (AMF)

The Access and Mobility Function (AMF) is a critical component of the 5G core network that manages the registration and mobility of User Equipment (UEs) within the 5G System (5GS).

It performs many of the same functions as the Mobility Management Entity (MME) in a 4G network, such as coordinating signaling between UEs and other network functions, and providing service operations for handling N2 point-to-point messages between the Radio Access Network (RAN) and other network functions.

The AMF receives user information sent through the network and forwards it to the Session Management Function (SMF), which uses it to determine the best session manager to assign to the user.

The SMF acts as a gateway between the user plane and the control plane of the network, ensuring smooth and efficient communication between the two.

The AMF in 5G Core provides the following functionalities:

  • Termination of the RAN control plane interface (N2)
  • Termination of the NAS interface (N1)
  • NAS integrity protection and chipering
  • Registration management
  • Connection management
  • Reachability management
  • Mobility management
  • Lawful interception
  • Transport of session management messages between a UE and the SMF
  • Transparent proxy for routing session management messages
  • Access authentication and authorization
  • Transport of SMS messages between a UE and the SMSF
  • Location services management for regulatory services
  • UE mobility event notifications

It manages user access and mobility within the 5G core network, handling a wide range of functions such as registration, connection, reachability, and mobility management.

Additionally, it ensures the integrity and security of the network by performing functions such as NAS integrity protection and ciphering. As 5G technology continues to evolve, the AMF will continue to be an integral component in managing the 5G core network.

Also Read:  5G End-to-End Security, General Security, gNB Security, UE Security

Authentication Server Function (AUSF)

The Authentication Server Function (AUSF) plays a vital role in the 5G core network by authenticating User Equipment (UEs) within a home network.

It is responsible for making the decision on UE authentication, but it relies on a backend service for computing the necessary authentication data and keying materials when utilizing 5G-AKA or EAP-AKA’ methods.

Unlike the 4G network, where the Home Subscriber Service (HSS) functioned as a single entity, in a 5G network, the HSS functions are divided into three separate components: the AUSF, the Unified Data Management (UDM), and the User Data Repository (UDR) in a stateless architecture.

The AUSF handles authentication and provides encryption keys, the UDM manages and stores data, and the UDR stores user data such as customer profiles, authentication information, and encryption keys.

This shift from a single HSS to a combination of UDM, UDR, and AUSF is a key change in the transition from 4G to 5G, it aims to improve the modularity of products and to adopt service-based architecture that is prevalent in the software industry, allowing developers to combine services from different vendors into a single product.

AUSF in 5G Core provides the following functionalities:

  • Implementing the Extensible Authentication Protocol (EAP) authentication server
  • Storing keys for secure communication
  • Enabling a common access architecture for a unified EAP-based authentication framework
  • Supporting 5G-AKA authentication over 3GPP access
  • Controlling the execution of authentication
  • Playing a similar role as the Unified Data Management (UDM) and Authentication and Authorization Remote Function (ARPF) in comparison to the HSS/Authentication Center (AuC)
  • Allowing for non-SIM UEs, such as EAP-TLS with Extended Centralized Authentication Service (ECAS)
  • Architecture that enables isolation of authentication signaling

The AUSF is an essential component of the 5G core network, ensuring secure and reliable communication for users by performing the critical function of authentication.

It utilizes advanced technology such as EAP and 5G-AKA to provide a unified and secure authentication framework, while also allowing for non-SIM UEs, and isolation of signaling.

NF Repository Function (NRF)

The Network Repository Function (NRF) plays a crucial role in 5G networks by acting as a centralized repository for all network functions (NFs) in an operator’s network. It allows 5G NFs to register and discover each other through a standards-based API, enabling seamless communication and resource utilization.

The NRF, as defined by 3GPP, is responsible for maintaining the NF profile, handling the NF status subscription and notification, and providing a service discovery function. It maintains a profile of available network function instances, allowing for the discovery of specific services and instances.

The NRF enables dynamic management of the network, eliminating the need for network reconfiguration when adding, removing, or scaling network functions.

It supports the registration, de-registration, and update of network functions through Nnrf and O&M. It also supports service discovery of registered NF services and NF authorization for service access using access tokens.

The NRF is a key component that enables efficient resource utilization and tracking of all devices for new provisioning in 5G networks.

NRF in 5G Core (5GC) supports the following functionality:

  • Maintains the NF Profile of available NF instances and their supported services.
  • Allows other NF instances to subscribe to, and get notified about, the registration in NRF of new NF instances of a given type and interested NF profile change.
  • Supports service discovery function. It receives NF Discovery requests from NF instances, and provides the information of the available NF instances fulfilling certain criteria (for example, supporting a given service).
  • Service registration and discovery function so that Network Functions can discover each other.
  • Maintains NF profile and available NF instances

Network Slice Selection Function (NSSF)

The Network Slice Selection Function (NSSF) supports the selection of network slices and Access and Mobility Function (AMF) set that can serve the User Equipment (UE). It also supports the determination of allowed Network Slice Service-related Access Information (NSSAI) and configured NSSAI and, if needed, the mapping to subscribed S-NSSAIs.

Unlike traditional core networks, the NSSF is a new function in the 5G Core Service-Based Architecture (SBA) that is specifically designed to target new segments with access to network slicing.

NSSF in 5G Core (5GC) supports the following key functionalities:

  • Selecting the set of Network Slice instances serving the UE.
  • Determining the Allowed NSSAI, and the target AMF Set or the list of candidate AMF(s) to be used to serve the UE.
  • Network Slice Selection service, which enables the selection of a set of network slice instances that are allowed to serve the UE based on the Tracking Area Identity (TAI).
  • NSSAI Availability service, which enables the AMF to update the supported S-NSSAI(s) per TAI
  • NSSF notification of any changes to the NSSAI availability per TAI
  • Service registration and discovery function so that Network Functions can discover each other.
  • Maintains NF profile and available NF instances
  • NSSF redirects traffic to a network slice. Network slices may be defined for different classes of subscribers.
  • Selecting of the Network Slice instances to serve the UE
  • Determining the allowed NSSAI
  • Determining the AMF set to be used to serve the UE

The NSSF is an essential component of the 5G core network that enables efficient and flexible management of network slices and the efficient allocation of resources to UEs. With the support of NSSF, the 5G network can provide customized and secure services to different segments.

Also Read:  5G Interfaces: Understanding X2/Xn, S1/NG, F1 and E1 Interfaces

Network Slice Selection Assistance Information (NSSAI):

NSSAI enables efficient and flexible management of network slices, it is a collection of up to 8 Single Network Slice Selection Assistance information (S-NSSAI) elements, which are used to identify a specific network slice.

An S-NSSAI is a unique identifier that is composed of two parts: the Slice/Service type (SST) and the Slice Differentiator (SD). The SST is a numerical value that identifies the type of service or application that the network slice is providing.

This can include services such as low-latency gaming, high-definition video streaming, or industrial IoT applications.

The SD, on the other hand, is a unique value that differentiates the network slice from other slices of the same type. It can be used to identify different instances of the same service or application, or to distinguish between different levels of quality or security.

Together, the SST and SD form the S-NSSAI, which is used by the Network Slice Selection Function (NSSF) to identify and select the appropriate network slice for a specific UE.

The NSSAI, which is a collection of S-NSSAIs, enables the NSSF to select the appropriate network slice based on the UE’s service requirements and the available network slices in the area.

User Plane Function (UPF)

The User Plane Function (UPF) is a key component of the 5G core network that handles the user plane path of Packet Data Unit (PDU) sessions. It works together with the Session Management Function (SMF) to ensure efficient and secure communication between the User Equipment (UE) and the network.

The SMF is responsible for selecting and controlling the UPF, and multiple UPFs can be deployed for a given PDU session. Alternatively, a UPF can be controlled by multiple SMFs for different PDU sessions. This allows for flexible and dynamic management of network resources.


UPF in 5G Core (5GC) supports the following key functionalities:

  • Packet routing and forwarding: the UPF routes packets between the UE and the network
  • Packet inspection and QoS handling: UPF inspects packets to ensure compliance with network policies. UPF may optionally integrate a Deep Packet Inspection (DPI) for packet inspection and classification.
  • Traffic reporting: the UPF generates reports on traffic flows and usage
  • Downlink packet buffering: the UPF stores packets for later delivery to the UE
  • Downlink data notification: the UPF notifies the UE of available data
  • Uplink traffic verification: the UPF verifies the authenticity of uplink traffic
  • Connecting to the Internet POP (Point of Presence). The UPF may optionally integrate the Firewall and Network Address Translation (NAT) functions.
  • Mobility anchor for Intra RAT and Inter-RAT handovers
  • Lawful intercept — user plane
  • Maintains and reports traffic statistics

Policy Control Function (PCF)

The Policy Control Function (PCF) is a key component of the 5G core network that provides a unified policy framework for various network functions. This includes network slicing, roaming, and mobility management. The PCF allows other network functions to create and manage policies related to mobility and session associations, and provides them with the necessary information to enforce these policies.

The PCF also plays an important role in ensuring Quality of Service (QoS) by collecting packet flow information from the application function and using it to control network policies. This allows the PCF to prioritize different types of traffic and ensure that important applications receive the necessary resources to function properly.

In addition to supporting QoS, the PCF also enables network slicing, which allows operators to create multiple virtual networks on top of a shared physical infrastructure. This allows operators to offer different services to different customers with different requirements, such as low-latency services for industrial automation and high-bandwidth services for streaming video.

PCF in 5G Core (5GC) supports the following key functionalities:

  • PCF Performs the same function as the PCRF in 4G networks.
  • Performs the Network Slicing and Mobility Management
  • Performs the Subscription-based Policy Decisions
  • Performs the 5G Quality of Service and Charging Control

Network Exposure Function (NEF)

The Network Exposure Function (NEF) in 5G core network enables secure communication between network functions and third-party entities such as application functions. The NEF allows application functions to securely provide information to network functions, and vice versa.

The NEF plays a critical role in ensuring security and privacy by authenticating, authorizing, and throttling the application functions that access network functions.

It also stores information from other network functions as structured data and can expose that data to other network functions or application functions for various purposes, such as data analysis.

In addition to security and privacy, the NEF also plays an important role in enabling new services and use cases by making the capabilities and events of network functions available to third-party entities. This enables application functions to access network resources, such as user data or location information, in a controlled and secure way.

NEF in 5G Core (5GC) supports the following key functionalities:

  • NEF provides a mechanism for securely exposing services and features of the 5G core.
  • Exposes capabilities and events
  • Secure provision of information from an external application to 3GPP network
  • Translation of internal/external information
  • Control plane parameter provisioning
  • Packet Flow Description (PFD) management: PFD is a tuple of protocol, server-side IP and port number.

Session Management Function (SMF)

The Session Management Function (SMF) plays a critical role in managing and controlling sessions in the 5G network. It is responsible for setting up and managing sessions according to the network policy, and providing services to consumer network functions to control PDU session events.

Also Read:  5G Signalling Controller: Functions and SEPP

The SMF controls the UPF (User Plane Function) by selecting and managing the UPF, and also manages traffic steering at the UPF to ensure that traffic is routed towards the final destination. This includes managing the allocation of resources and ensuring that Quality of Service (QoS) requirements are met.

In addition to managing sessions and controlling the UPF, the SMF also plays a key role in supporting the charging of PDU sessions. The SMF is responsible for collecting information on session usage, and using this information to generate billing records and charge customers accordingly.

SMF in 5G Core (5GC) supports the following key functionalities:

  1. Secure exposure: The NEF supports the secure exposure of network functions capabilities and events to third parties, such as application functions, by authenticating and authorizing access to network resources.
  2. Data collection and storage: The NEF stores information from other network functions as structured data, which can be accessed and re-exposed to other network functions and application functions, and used for other purposes such as data analysis.
  3. Authentication and Authorization: NEF authenticate and authorize the application functions to access the network functions and resources.
  4. Throttling: The NEF also helps in controlling the access to network resources by application functions by applying throttling on them.
  5. Network slicing: NEF also supports the management and control of network slices, allowing for the creation of isolated and dedicated slices for different use cases and services.
  6. Event management: NEF also provides a mechanism for the management and control of network events, allowing network functions to subscribe to and receive notifications of relevant events.
  7. Network Configuration: NEF also provides the ability to configure and manage different aspects of the network, such as access control lists and security policies.

Application Function (AF)

The Application Function (AF) in the 5G Core (5GC) is a key component of the 5G architecture that enables the delivery of various services and applications over the 5G network. AFs are responsible for providing various functionalities such as application management, service orchestration, and service creation.

The AFs use the 5GC network functions, such as the NEF, to securely access and utilize network resources, and also to interact with other network functions such as the SMF, UPF, and PCF.

The AFs can also use the NEF to expose their own capabilities and events to other network functions and third-party applications.

In addition to its role in service delivery, the AFs also play a key role in supporting the management and control of network slices. They can use the NEF to access and manage the resources of specific slices, and also to monitor and report on the performance of these slices.

Application Function (AF) in 5G Core (5GC) supports the following key functionalities:

  • Performs the same function as the EPC AF: Application influence on traffic routing
  • Interaction with the policy framework for policy control.
  • Accessing NEF

BSF (Binding Support Function)

The BSF, or Binding Support Function, in the 5G Core (5GC) plays a crucial role in managing and maintaining the binding information between network functions.

This includes allowing the PCF to register and remove binding information, as well as allowing other network function service consumers such as the AF and NEF to discover the binding information, such as the address information of the selected PCF.

The BSF also offers the Nbsf_Management service to application functions that require PDU session binding functionality, ensuring seamless communication and data transfer between network functions. Overall, the BSF is an essential component in maintaining the smooth functioning of the 5GC.

The BSF function allows the PCF to be discoverable by other network functions.

BSF in 5G Core (5GC) supports the following key functionalities:

  • The BSF allows PCF to register and remove the binding information, and allows other NF service consumers (e.g. AF, NEF) to discover the binding information (e.g. the address information of the selected PCF).
  • The BSF offers the Nbsf_Management service to an application function (AF) that requires PDU session binding functionality.
  • The BSF allows PCF to register and remove the binding information, and allows other NF service consumers (e.g. AF, NEF) to discover the binding information (e.g. the address information of the selected PCF).

CHF (Charging Function)

The Charging Function (CHF) in the 5G Core (5GC) plays a crucial role in managing the charging of network resources for User Equipment (UE) and its Packet Data Unit (PDU) sessions.

The CHF utilizes a converged charging service, which is utilized by the Session Management Function (SMF) and enables both online and offline charging of PDU sessions.

Additionally, the CHF offers a spending limit control service that is used by the Policy Control Function (PCR) to implement usage-based policies for PDU sessions. With the CHF, operators can accurately track and charge for network usage, ensuring fair and efficient resource allocation.

Hope This Article would help you out to uncover everything about 5G Core Network Architecture in details.

We have also published more such articles on 5G network (5G Interfaces, Signalling Controller, 5G-4G Inter-networking, 5GC-vs-4G EPC) and 5G Security for Core Security and 5G End-to-End Security in detail.

Photo of author

Som D

Som is Network and Cloud Security expert with 12+ years of experience in the field and years of experience into 5G Security. She has researched, tested and written hundreds of articles on a variety of topics such as Network Security, Cloud Security, Wireless Security, Networking Basics, Mobile Operators services guides and 5G Security. In addition to her professional pursuits, Som is also a passionate into researching and publishing the content on other education platforms surrounding network security, cloud security and 5G security. She also creates guides, walkthroughs, solutions and more to help others with their progression in the same field.