DocumentCode :
2606690
Title :
Secure Universal Plug and Play network
Author :
Pehkonen, Vesa ; Koivisto, Juha
Author_Institution :
VTT Tech. Res. Centre of Finland, Espoo, Finland
fYear :
2010
fDate :
23-25 Aug. 2010
Firstpage :
11
Lastpage :
14
Abstract :
Universal Plug and Play (UPnP) is a set of specifications to enable and simplify the networking of electronic devices. UPnP does not generally provide any security and assumes that only trusted devices have access to the network. For networks where untrusted devices have to be taken into account, this paper proposes a secure UPnP network architecture, including key management. The architecture uses Transport Layer Security (TLS) to secure all TCP traffic, which carries most UPnP messages. To establish a TLS session, each node must have an X.509 certificate for authentication. Certificates are granted by a local Certificate Authority (CA), but only if the Administrator has accepted the new node. The UPnP discovery phase uses the User Datagram Protocol (UDP), where it is not possible to use TLS, but we encrypt UDP data. The UDP encryption key is shared by the whole network and distributed using TLS. We verified the architecture by implementation.
Keywords :
computer network security; cryptography; protocols; TCP traffic; UDP encryption key; certificate authority; electronic devices; secure universal plug and play network; transport layer security; user datagram protocol; Computer architecture; Encryption; Protocols; Servers; Software; UPnP; key management; network security; security;
fLanguage :
English
Publisher :
IEEE
Conference_Titel :
Information Assurance and Security (IAS), 2010 Sixth International Conference on
Conference_Location :
Atlanta, GA
Print_ISBN :
978-1-4244-7407-3
Type :
conf
DOI :
10.1109/ISIAS.2010.5604189
Filename :
5604189
Link To Document :