Skip navigation
Harness the power of cloud-native subscriber data management

Harness the power of cloud-native subscriber data management

Subscriber data management (SDM)

Today’s mobile networks manage millions of subscriber-related data transactions every second. SDM makes this possible, ensuring subscriber data can be ingested, stored, provisioned, and accessed on demand to network functions, applications, or other services.

Subscriber data management explained

SDM ensures that the vastly diverse subscriber data generated by today’s multi-generational networks can be ingested, stored, provisioned, and accessed by the network’s functions and connected apps in near real-time.

UDC (User Data Consolidation) is the Ericsson solution for SDM.

Three different layers as part of the UDC solution are:

  • Data Provisioning layer, with EDA (Ericsson Dynamic Activation)
  • Data Storage layer, with CCDM (Cloud Core Data-Storage Manager)
  • Subscription Management layer, with front-end functionality that varies by technology: HLR-FE for 2G and 3G networks, HSS-FE for 4G (EPC) and IMS networks, and CCSM (Cloud Core Subscription Manager) for 4G and dual-mode 5G Core

Today’s evolution to 5G’s cloud-native service-based architecture unleashes new possibilities for SDM. It ensures that SDM functions can be scaled and orchestrated more efficiently, securely, and flexibly across the network as microservices.

The benefits of cloud-native SDM are game-changing. They fuel more agile, efficient, and secure service delivery of advanced 5G use cases such as differentiated and exposure services, edge computing, cellular IoT, and dedicated enterprise- and mission-critical networks.

SDM solution
Got the basics on SDM covered?

Explore our market-leading cloud-native SDM solutions.

Explore now

How cloud-native subscriber data management works: the basics

The key components of today’s cloud-native SDM are:

  • Cloud Core Subscription Manager (CCSM) – part of the network’s control plane – interoperates with other network domains to orchestrate the subscription management
  • Cloud Core Data Storage Manager (CCDM) – part of the network’s data layer – the secure centralized repository
  • Ericsson Dynamic Activation (EDA) – also part of the network’s data layer – the provisioning platform for activating telecommunications services in heterogeneous network environments
Subscriber data handling for cloud-native SDM

Subscriber data handling for cloud-native SDM

CCSM, CCDM, EDA - discovering the upsides

The key components of today's cloud-native subscriber data management, such as CCSM, CCDM, and EDA, focus on subscriber data from different angles and act on them differently. Despite their varied approaches, they share the common intent of delivering seamless, efficient, and secure services to subscribers. All the components take advantage of the cloud-native paradigm: ease of management, self-healing, and auto-scaling.

Subscriber-related data is ingested into the networks through data pipelines and a harmonized data ingestion architecture. Data discovery and the ability to control quality and data life cycle are inherent capabilities of the subscription management architecture. They build trustworthiness for the benefit of every application that consumes the data.

As part of the subscription management process, subscriber-related data is requested, delivered, managed, and provisioned for network access through unified data management (UDM) or legacy HSS and HLR, where authentication and security mechanisms ensure controlled access.

The UDM solution helps to manage and process subscriber data, facilitating authentication and user identity management. This ensures a harmonized service experience for different types of users (eMBB, MIoT, C-IoT, RedCap) over different access technologies (2G/3G/4G/5G/WiFi) with service continuity.

Subscriber-related data is securely stored in a single centralized repository, safeguarded by extreme redundancy mechanisms that include advanced triple geo-redundancy.

Today’s modern user data storage solutions enable the integration of multi-generational data from 5G and legacy 2G/3G/4G networks into a single unified data model, supporting virtual (VNFs) and cloud-native (CNFs) network deployments.

As part of this solution, a new unified data repository (UDR) consolidates the storage of all subscriber data, including data stored across legacy home location register (HLR) and home subscriber server (HSS) solutions.

Stored subscriber data is structured, segmented, and provisioned to any network function, application, or other service that requires it for a given task. This is performed on demand and in real time through APIs or protocols, ensuring that data can be moved across the network wherever needed.

As part of 5G’s service-based architecture, a centralized network repository function (NRF) ensures that network functions can deploy and scale more efficiently and dynamically based on application and traffic demands.

Flexible provisioning platforms, such as Ericsson Dynamic Activation (EDA), ensure rapid and automated activation of mobile and fixed network services for both legacy core and 5G cloud-native, with high availability, resilience, and scalability to handle high-throughput service activations.

Also, being a single-entry point for BSS, EDA eases the integration effort in business support systems (BSS) when introducing new service offerings to subscribers.

CCSM, CCDM, EDA - discovering the upsides

Your ultimate guide to cloud-native networks

Kick-start your transformation journey with our cloud-native 5G Core network guide series.

Explore the series
Your ultimate guide to cloud-native networks

What data does SDM manage?

Cloud-native SDM enables a simplified data layer architecture with one common data repository for all network domains and slices. This covers multiple types of structured and unstructured data, including all legacy and modern network subscription profiles and more.

Subscription data typically includes identification information such as user IDs, international mobile subscriber identity (IMSI), and mobile station international subscriber directory number (MSISDN), as well as subscription details such as service plans, billing profiles, usage quotas, and associated policies.

Authentication data covers cryptographic keys and credentials for secure communication, as well as protocol-specific data for authentication mechanisms, for example, 5G-AKA (Authentication and Key Agreement) for 5G or EAP-AKA (Extensible Authentication Protocol for Authentication and Key Agreement) for WiFi.

Network configuration data includes access preferences such as preferred and allowed networks, roaming restrictions, and access point names (APNs), as well as service settings such as quality of service (QoS) parameters.

Policy and charging data pertain to policy rules such as traffic prioritization, service restrictions, and bandwidth allocations, as well as charging data such as billing cycles and subscriber call and/or data usage.

Mobility data includes data collected via home location register (HLR) in 2G/3G, the home subscriber server (HSS) in 4G, and the user plane function (UPF) in 5G networks, as well as information on handovers and other mobility events across the network.

Application data pertains to data collected from specific applications that run on the network, such as individual device status across IoT services. It also typically includes data specific to enhanced services such as VoLTE, VoWiFi, or streaming services.

Subscriber behavioral data, including subscriber session data and usage preferences, is also ingested, stored, and provisioned through SDM.

2G/3G/4G SDM vs 5G cloud-native SDM

In previous mobile generations, SDM functions were typically deployed physically or virtually across multiple distributed and isolated repositories, each with a corresponding application.

Today, the advent of 5G Core networks and cloud-native service-based architecture enables an entirely new approach to data management.

In this new microservice reality, unified data storage and centralized subscription management services are split and fully connected to the rest of the network entities through open and standard service-based interfaces. Both are shared across multiple network domains and slices, covering many types of data, multiple types of devices, and multiple types of access (2G/3G/4G/IMS/5G) as part of the same cloud-native SDM domain.

Evolution of subscriber data management from distributed monolithic deployments to today’s cloud-native data layer

Evolution of subscriber data management from distributed monolithic deployments to today’s cloud-native data layer

Cloud-native SDM and 5G

The game-changing emergence of cloud-native 5G Core moves networks beyond the traditional constraints of virtual network functions into an era where cloud-native network functions can be orchestrated, provisioned, and scaled with unrivaled speed, agility, and efficiency.

Cloud-native SDM is an essential building block of high-performance 5G networks. It is the key to enabling the stringent and dynamic performance requirements of advanced 5G use cases, and it also lowers the cost of operations and capital outlay.

Benefits of Ericsson cloud-native SDM

Our fully cloud-native SDM solutions, part of our market-leading cloud-native portfolio, give you the tools to maximize your value proposition in 5G markets and beyond.

Delivering multi-access support of all network generations, with pre-verified interaction between virtual 2G/3G/4G deployments and the latest cloud-native 4G/5G deployments, Ericsson cloud-native SDM equips you with a single hybrid domain to manage yesterday’s, today’s, and future subscriber data in a cost-efficient way.

Cloud-native SDM leverages 5G service-based architecture to enable real-time, agile, and scalable orchestration of SDM components as microservices across the network, making it easier to roll out and scale up new on-demand 5G services.

Cloud-native SDM is key to realizing advanced 5G use cases such as 5G voice services, network slicing, and edge computing. It ensures that SDM microservices can be processed closer to the application for real-time execution.

Cloud-native SDM creates a common multi-mode data repository for all subscriber-related data across 2G, 3G, 4G, 5G, and fixed networks, simplifying the network architecture and lowering capital expenditure.

Cloud-native SDM enables greater agnosticism between applications and the network’s underlying infrastructure, allowing for greater deployment flexibility, easier implementation, and portability. Data provisioning is also significantly simplified through a common point for data provisioning and a common operations and management platform for all SDM components.

Higher levels of orchestration and automation through capabilities like auto-scaling of microservices, auto-healing, auto-provisioning, and automated tests significantly reduce the need for manual intervention such as manual provisioning, fault management, and maintenance. This also considerably reduces network resources’ over-dimensioning, ensuring optimal capacity and resource allocation.

In-service software upgrade (ISSU) enables cloud-native network functions (CNFs) to be upgraded, downgraded, or rolled back through in-service software rollback (ISSR) while still processing traffic – with no capacity loss, no partial loss of network functionality, and no need for manual intervention.

Through a built-in automated migration procedure, our cloud-native SDM solutions are built to deliver a fast and automated migration of subscriber data from legacy solutions into a cloud-native dual-mode common repository, thus ensuring an easy, safe, and cost-efficient migration project.

Cloud-native SDM enhances access to subscriber data for external exposure and analytics, reducing data duplication and inconsistencies risks and avoiding multiple provisioning platforms with complex integration projects.

Multiple end-to-end security and authentication mechanisms reinforce the availability and robustness of data storage resources, safeguarding a network against malicious attacks and protecting subscriber data.

Advanced triple geo-redundancy and network-level overload protection mechanisms guarantee a higher availability of data and service continuity in the event of unexpected network issues, such as database failure or signaling overload. This prevents the need for a full restart or service interruption.

Cloud-native SDM is built to expand capabilities with artificial intelligence. It embraces cutting-edge artificial intelligence technologies seamlessly for greater efficiency, optimized performance, and transformative growth.

Cloud-native subscription and data management in 5G


Cloud-native SDM enables a smooth evolution from Evolved Packet Core to 5G Core architectures for the entire data layer, where the growing trend of 5G subscriptions will determine each service provider’s deployment strategy and speed. However, service providers that start that evolution journey earlier will benefit the most from a fully-fledged cloud-native core network for business success in 5G.

Learn more in our guide
SDM control plane and data layer domains in 5G

Ericsson’s cloud-native SDM for 5G Core

Ericsson’s cloud-native SDM solution is part of our dual-mode 5G Core offering. It supports multi-access of 5G standalone, non-standalone, and all previous generations in a single software platform.

The role of key subscription and data management functions in 5G Core architecture

The role of key subscription and data management functions in 5G Core architecture

Key enablers of SDM across our portfolio

Ericsson portfolio includes more network solutions and components that play a key role in enabling the secure, agile, and flexible ingestion, storage, management, and provisioning of subscriber data across today’s advanced cloud-native 5G Core networks.

Three essential solutions are: Cloud Core Data-Storage Manager, Cloud Core Subscription Manager, and Ericsson Dynamic Activation.

  • Cloud Core Data-Storage Manager (CCDM) – delivers unified data storage through combined Unified Data Repository (UDR) and Unstructured Data Storage Function (UDSF) network functions in a single product. Additionally, it is exposed to provisioning applications with a dedicated provisioning function.
  • Cloud Core Subscription Manager (CCSM) – delivers centralized subscription management based on combined Unified Data Management (UDM), Authentication Server Function (AUSF), Home Subscriber Server (HSS), Equipment Identity Register (EIR) network functions, and Hardware Security Module (HSM) in a single product.
  • Ericsson Dynamic Activation (EDA)  – provides for flow-through provisioning in both fixed and mobile domains with rapid activation of network and subscriber services. For native, virtualized, and hybrid environments, it allows operators to automate and manage all network and service configuration and activation activities.

Ericsson Cloud Core Data-Storage Manager (CCDM) and Ericsson Dynamic Activation (EDA)

Ericsson Cloud Core Data-Storage architecture

Ericsson Cloud Core Data-Storage architecture

Ericsson CCDM can support multiple types of structured and unstructured data, including several standard interfaces connecting legacy and 5G application frontends. This ability to act as one common data repository for all network domains can optimize data storage resource usage. The one common provisioning is also secured by Ericsson Dynamic Activation (EDA) for simplified data management and configuration.

Ericsson CCDM also secures the high reliability of stored data with fast recovery time and minimized service impact if severe network issues arise, thanks to auto-healing, overload protection at the solution level, and triple redundancy mechanisms.

Read more

Ericsson Cloud Core Subscription Manager (CCSM)

Ericsson Cloud Core Subscription Manager architecture

Ericsson Cloud Core Subscription Manager architecture

Ericsson CCSM secures authentication consolidation and mobility management procedures in one common engine, reducing the impact of signaling processing in the different application frontends. Thanks to the flexible bundling of different application frontends in the same CCSM product, common microservice resources can be optimized and integration test activities can be reduced.

Service continuity for voice/data and SMS when moving from 2G/3G/4G to 5G network domains is secured through the support of advanced 3GPP interworking mechanisms. These mechanisms help support multi-vendor interworking procedures for cross-domain authentication, handover, IMS, and SMS communications.

CCSM also provides a premium solution for protecting subscriber authentication procedure. It combines Authentication Credential Repository and Processing Function (ARPF) with HSM cryptographic keys and the authentication vector generation engine.

In addition, CCSM includes an Equipment Identify Register (EIR), which protects subscribers’ physical integrity and identity and prevents calls from stolen or defective mobile stations through enhanced control over the identity of the mobile equipment.

Read more

Ericsson Dynamic Activation

Ericsson Dynamic Activation (EDA) is a proven provisioning platform that enables rapid and automated activation of services across multi-vendor, multi-technology, and multi-domain networks, ensuring high availability, resilience, and scalability to handle high-throughput service activations.

Built with flexible architecture that can be easily adapted to your unique business practices, it provides a single-entry point for business support systems. It also gives pre-verified provisioning to Ericsson 2G/3G/4G/IMS/Charging and dual-mode 5G core solutions to ease the integration effort in OSS/BSS when introducing new service offerings to end users.

Read more
Ericsson Dynamic Activation

Safeguarding subscriber data in a new cybersecurity reality

As the complexity and frequency of cyberattacks grow worldwide, service providers face increasingly urgent and acute demands to protect the network and safeguard subscriber data. Security measures must effectively address a surge in new use cases, new devices, and the move beyond consumer mobile broadband to industries and enterprises.

Ericsson’s Cloud Core Subscription Manager (CCSM) offers enhanced security of cryptographic keys and algorithms in addition to the 3GPP-standardized software protection solutions.

Ericsson Authentication Security Module

Ericsson Authentication Security Module is an optional component of CCSM. It enables the process of moving the sensitive components of the authentication software – including cryptographic keys, identifiers, credentials, and encryption algorithms – into an external, dedicated hardware storage environment for premium protection.

This provides centralized management of the authentication procedure and combines the 3GPP ARPF and HSM into the CCSM product, offering:

  • a consolidated solution for multiple accesses (3G/4G/5G) via the authentication credential repository and processing function (ARPF)
  • a hardware security module (HSM) for physical storage and lifecycle management of cryptographic keys and algorithms
  • full compliance with relevant security standards, regulations, and requirements
  • full integration into Ericsson’s dual-mode 5G Core, delivering network efficiency and deployment flexibility
HSM security in 5G Core networks

HSM security in 5G Core networks

Ericsson Authentication Security Module offers premium security to enhance end-user privacy protection in the 5G era by integrating Hardware Security Module (HSM) into Ericsson’s dual-mode 5G Core solution.

Learn how

Insights and perspectives

Cloud-native subscription and data management in 5G

Read our guide to mastering data and subscribers’ handling in multi-access core networks.

Read now

Explore related technologies

5G Core

5G Core

5G Standalone

5G Standalone

Telecom analytics

Telecom analytics

OSS/BSS

OSS/BSS

Cloud-native networks

Cloud-native networks

Cloud infrastructure

Cloud infrastructure