Application-oriented 5G Core Network Service Architecture

The traditional communication network is mainly constructed for the communication demands between people. With the massive demands of the vertical industry of Internet of Everything, the process architecture of binding traditional network software with hardware and solidifying between the networks can no longer meet the requirements. To address these new business demands, 5G core network relies on the core idea of Cloud Native, through the service-based network architecture, network resources can be sliced, and control plane and user plane are separated. In combination with cloud technology, a customized, exposing, and service-based network is achieved.

5G core network has been reconstructed to redefine the network entity in the form of Network Function (NF). Each NF provides functions by independent functions (services) and can be called from each other, thus achieving the transition from a traditional rigid network (fixed functions of network elements, fixed connections between network elements, solidified signaling interactions) to a service-based flexible network.

Figure 1 3GPP Service-base Architecture 

Generally speaking, the core network with 5G SBA architecture has the following key features:

• NE functions decoupling and service-based NFs

The network function entities (NFs) that make up the core network are decoupled/dismantled at the functional level, and NFs are dismantled into several self-contained, self-managed, reusable network function services (NFSs). They can operate independently without relying on each other. Network Function Services (NFSs) can be independently upgraded and independently flexible. The services provided by NFSs standardize the interface to facilitate communication with other network function services.

• Network operation automation

Similar to the SOA/MicroService architecture concept in the IT Domain, 5G core network introduces a new network function entity (NRF), which provides functions such as network function entity (NF) service registration management, and NF service discovery mechanisms. As a consumer, NF entity only needs to find the applicable target NF/NFS through NRF. The core network is automated through this service mechanism so that the NF instance or NFS can plug and play.

• On-demand network slicing

The network functional entities in the core network can serve different slices (shared slices) or a specific slice service (a specified slice). According to the slice configuration, the core network is made up of different slice networks. The NSSF network function entity in the 5G core network is responsible for the management and selection of slices. Through the slice selection service provided by NSSF, different applications can use different slice network resources according to the slice requirements to meet the service requirements.

• Secure mutual access of NF/NFS

The network function entity under the 5G SBA architecture can be automatically registered to the NRF as a function service provider, and any NF entity can obtain the service and use the service by initiating a service request to the NRF. To ensure network security, 3GPP defines security-related specifications (such as 33501), restricting the use of network functions only to authenticated or secure entities. The access security methods are as follows:

• NRF authentication function 

A security access rule is configured on the NRF side. When the initiator NF initiates a service request to the NRF, the NRF determines whether the request can be authorized according to the rule. The NRF returns the target network element related information only after the authorization.

• NRF oAuth authorization function

NRF, which is regarded as the authorization server, provides the oAuth authorization service. The service provider needs to pass the NRF authentication and exchange certificates. The initiator NF needs to first obtain the dynamic token from the NRF, and then bring the token to call the service to the target NF. The target NF determines that the TOKEN is legally valid before providing the service.

In 3GPP R16, the 5G core network architecture is further evolved into eSBA by SBA, mainly adding the following functions:

• Service-based access of user plane NF

The service in R15 is only oriented to the control plane. User plane network elements such as UPF do not provide service interfaces for other network elements. The user plane network functions in R16 are further reformed in service-based mode and externally provided.

• Separation of business functions from network communication/routing functions

Similar to the Service Mesh architecture in the Internet, the routing policy and management functions are provided by the new SCP (Service Communication Proxy). Therefore, each NF can focus on the realization of the business function, and the functions such as the routing control are uniformly implemented by the SCP.

In summary, the SBA architecture of 5G core network is a major innovation in the next-generation network architecture. It has the advantages that are not available in traditional networks such as flexible and open, and it is an important basis for quickly meeting the needs of various industries. With the large-scale deployment and commercialization of 5G networks, on the basis of 5G networks, applications based on the Internet of Everything will inevitably emerge. As a leading 5G end-to-end solution provider, ZTE is leading the 5G innovation and deeply understands the evolution of the network to continuously escort future network communications.