documentation

The YateHSS/HLR stores and manages the SIM database for mobile networks. It also manages multiple subscriber identities (from different technologies) in one server, providing seamless services over different networks. It is designed for use in GSM, UMTS, LTE, IMS, WiFi networks or any other type of network that uses MAP or Diameter for authentication.
The YateHSS/HLR includes a Home Location Register (HLR), an Authentication Center (Auc) (2G/3G) and a Home Subscriber Server (HSS) (4G LTE). The YateHSS/HLR exports a JSON API for integration with any SIM management and CRM systems. It is capable of interconnecting with all the VLRs implemented in a GSM mobile network, with any MME from a conventional LTE network, or with the YateUCN core network server.
As it is also an AuC, the YateHSS/HLR authenticates subscribers as they try to connect to the GSM, UMTS, or the LTE networks, to make phone calls, send SMSs and access mobile data.
YateHSS/HLR is catered to:

commercial solutions for MVNOs

medium or large MNOs

For roaming, YateHSS/HLR uses the SS7 (MAP) protocol in 2G networks and Diameter in 4G networks.

Important: yateBTS offer the SS7 configuration interface. For subscriber management you receive a JSON API which you must configure yourself.
YateHSS/HLR is easy to operate and manage remotely using the Yate Mobile Management Interface (MMI). The interface makes it accessible to add a new YateHSS/HLR unit, to setup a cluster of YateHSS/HLRs, to add subscribers, to modify and configure subscribers´ profiles and more.

Specifications

Features

Fully implemented in software using commodity hardware (e.g. Dell PowerEdge R430)

Scalable by adding multiple nodes in a cluster

JSON API over HTTP for configuration and management

Supports GSM, UMTS and LTE subscribers

Steering of roaming with hooks into external application

Multi-IMSI support with hooks into external application

Multi-operator support

Simultaneous support of MAP and Diameter

Super-Charger function supported in HLR

Separate CS, PS, EPS, IMS profiles for groups of subscribers

Configurable operator blocking in case of missing VPLMN features

Supported networks

2G/3G over MAP (ETSI) protocol

4G over MAP or Diameter protocol

IMS (VoLTE) over Diameter protocol

Supported authentication

2G SIM using COMP128-1, 2 or 3 algorithms

3G/4G USIM using MILENAGE algorithm

Derivation of 2G triplets from USIM quintuplets

IMS AKAv1-MD5 ISIM/USIM using MILENAGE algorithm

SIP MD5 Digest

Configurable partitioning of USIM/ISIM sequence number indexes

Communication protocols

MAP/SS7/SIGTRAN

  • ITU TCAP, ETSI MAP v3
  • ITU or ANSI SCCP and SS7 MTP
  • M2PA or M3UA-ASP over SIGTRAN, SCTP (CRC32)
  • E.164, E.212, E.214, TT or PC SCCP addressing
  • Can connect to multiple STP/GW

Diameter

  • 3GPP Applications S6a/S6d, Cx/Dx
  • SCTP or TCP transport
  • Can establish or listen for connections
  • Can connect to multiple Routing Agents

HTTP

  • JSON API server for configuration and subscriber management
  • REST API client for visited network change notification

SNMP

  • SNMP v2 or v3 for information retrieval
  • Traps sending for alarms

Telnet

  • Management CLI
  • Optional SSL and password protection

Supported services

Telephony calls

Short Message Service

Packet Switched Data

Evolved Packet System

Evolved Packet System

CS Services

Supplementary Services (per subscriber)

  • Call barring: BAOC, BOIC, BOIC-ExHC, BAIC, BIC-Roam
  • Call forwarding: CFU, CFB, CFNRC, CFNRY
  • Other: CLIR, CW, HOLD, MultiPTY
  • Password protection for service change

Operator barring (per subscriber)

  • ROAM, BAOC, BOIC, BOIC-ExHC, BAIC, BIC-Roam

CAMEL subscription (per profile)

  • O-CSI, T-CSI, VT-CSI, D-CSI, M-CSI, SS-CSI
  • MO-SMS-CSI, MT-SMS-CSI

USSD subscription (per profile)

  • Arbitrary number of prefixes to independent gateways

PS Services

Operator barring (per subscriber)

  • Call barring: BAOC, BOIC, BOIC-ExHC, BAIC, BIC-Roam
  • Call forwarding: CFU, CFB, CFNRC, CFNRY
  • Other: CLIR, CW, HOLD, MultiPTY
  • Password protection for service change

Operator barring (per subscriber)

  • ROAM, BAOC, BOIC, BOIC-ExHC, BAIC, BIC-Roam

CAMEL subscription (per profile)

  • O-CSI, T-CSI, VT-CSI, D-CSI, M-CSI, SS-CSI
  • MO-SMS-CSI, MT-SMS-CSI

USSD subscription (per profile)

  • Arbitrary number of prefixes to independent gateways

EPS Services

PDN connections (per profile)

  • Name, type, charging characteristics
  • QoS (LTE QCI, priorities)
  • VPAA, SIPTO, LIPA
  • APN OI Replacement, AMBR
  • PGW address and name

APN OI Replacement, AMBR, SRVCC, vSRVCC (per profile)

IMS Services

IMS private and public identities (per subscriber)

SIP username, authentication, realm (per subscriber)

Domain and CSCF configuration (per profile)

Initial Filter Criteria (per profile)

  • Configurable list of SPT groups
  • SPT types: RequestURI, Method, SIPHeader, SessionCase, SessionDescription

CAMEL subscription (per profile)

  • O-CSI, VT-CSI, D-CSI

High availability

Can be configured in a cluster of equal nodes

Subscriber data is replicated across all nodes

Requests can be distributed or balanced between nodes

Detection of communication failures

Automatic synchronization of new nodes

Automatic synchronization after failure

YateHSS/HLR in a 2G/3G network

YateHSS/HLR has all the functions of a typical HLR subscriber database, and those of a typical AuC, as described below. The AuC is the database that authenticates each SIM card that tries to connect to the 2G/3G core networks. As soon the SIM is authenticated, the HLR takes over and manages the SIM and its services. Each authentication involves an encryption key used to secure all the wireless communications between the mobile station and the core network.

The SIM card is the main identifier per subscriber that stores:

the international mobile subscriber identity (IMSI)

the shared secret authentication key (Ki)

an integrated circuit card identifier (ICCID)

The IMSI is the number used for identifying a subscriber. It has 15 digits or less and contains:

the Mobile Country code (MCC)

the Mobile Network Code (MNC)

the Mobile Subscription Identification Number (MSIN)

Also stored in the HLR is the MSISDN, also known as the subscriber’s phone number.

The authentication key (Ki) is an input to an algorithm used for authenticating the SIM card to the mobile network. It is stored in both the SIM and the AuC, but encrypted over the network. The authentication process is a challenge/response mechanism without ever revealing the secret key.

YateHSS/HLR stores which services are assigned to the subscriber, such as: telephony, SMS, CAMEL, call forward unconditional, call forward no reply, call forward not reachable, barring of all incoming calls, call waiting, call hold, call line identification presentation, calling line identification restriction, connected line presentation, connected line restriction, multiparty.

YateHSS/HLR uses the SS7 MAP protocol to perform roaming. It also uses the following SS7 protocols for 2G/3G connectivity: SIGTRAN, SCTP with CRC checksum, M2UA ASP, ITU MTP, SCCP, TCAP, ANSI MTP, SCCP and TCAP.

YateHSS/HLR in a 4G network

YateHSS/HLR has all the functions of Home Subscriber Server central database in an LTE network.

For the 4G network, the HSS was designed to take over both the roles of an HLR and those of an AuC. It stores identifying information for all the subscribers of a 4G network, such as:

user identification and addressing, which matches the IMSI

the MSISDN, also known as the subscriber’s phone number

user profile information (the services associated to the subscriber and its Quality of Service information)

The HSS generates security information for user identity keys and authenticates subscribers. 

In a 4G network, YateHSS/HLR will hold all the information mentioned above, will authenticate subscribers and authorize access, will provide support for mobility management, and call and session setup. 
YateHSS/HLR provides Diameter support for roaming. It also supports the following interfaces:

S6a/S6d (MME/SGSN to and from YateHSS/HLR) to provide Update Location, Authentication Info, Purge UE, Notify, Cancel Location, Insert Subscriber Data, Delete Subscriber Data, Reset

Cx/Dx (I-CSCF/S-CSCF to and from YateHSS/HLR) to provide User Authorization, Server Assignment, Location Info, Multimedia Authorization, Registration Termination, Push Profile

Identities and authentication in YateHSS/HLR

YateHSS uses a Public Identity, the MSISDN, to authenticate the subscriber.
Each Public Identity can have more, depending on the network connection type: 2G/3G, 4G, WiFi, IMS etc.

Depending on the authentication type, YateHSS/HLR will use:

SIP authentication, through a username and a password

SS7 authentication, through the IMSI and the Ki

EAP SIM/AKA authentication, through the IMSI and the Ki

YateHSS/HLR stores all the possible private identities of any given subscriber.

YateHSS/HLR in various deployments

YateHSS/HLR can be deployed in various forms, as seen in the illustrations below.

In mixed networks

For cable operators

In our Software-defined Mobile Network

YateHSS/HLR architecture

Yate C++ modules add support for various protocols: MAP, Diameter and a module that adds clustering support. These protocols are included only in the private version of Yate.

A Javascript library that eases work with the above protocol modules.

  • A Javascript library that eases work with the above protocol modules.
  • Various Javascript scripts that implement the actual logic of YateHSS/HLR.
    • For example: auc_map.jsc, hss_map.jsc, auc_diam.jsc, hss_diam.jsc, hss_config.jsc.
    • The scripts use the Js library to communicate with the protocol modules and the MySQL database and add cluster support.

A MySQL database that stores subscribers, service profiles, subscriber profiles and SIMs.

Configuration and monitoring API and subscriber management API built in Javascript/PHP

Remote access for YateHSS/HLR operations and management

YateHSS/HLR is easy to operate and manage remotely using the Yate Mobile Management Interface (MMI). The interface makes it accessible to add a new YateHSS/HLR unit, to setup a cluster of YateHSS/HLRs, to add subscribers, to modify and configure subscribers´ profiles and more.

username: admin

password: admin

YateMMI’s main benefit is the fact that operators care remotely manage all their entire network equipment using a single web interface.