Title :
HTTP digest authentication in embedded automation systems
Author :
Von Hoff, Thomas P. ; Crevatin, Mario
Author_Institution :
Corp. Res., ABB Switzerland Ltd., Baden, Switzerland
Abstract :
In automation systems, embedded web servers are often used for human machine interface (HMI) functionalities. Using the TCP/IP stack as communication protocol suite opens new opportunities to access the embedded web server. Therefore, an embedded web-server based HMI is very suitable for remote services as configuring, monitoring and control. However, a remote access requires security procedures. A security protocol that is able to deal with the limited resources of an embedded web server is HTTP (hypertext transfer protocol) digest access authentication (DAA). It provides a secure challenge/response mechanism for user authentication. Apart from this, its definition has foreseen other features which are not implemented in currently available servers, but could be very valuable to extend the application range of DAA. This paper outlines the general functionality of digest authentication defined by its RFC and investigates the most widely distributed implementations on server and browser side. The results of functionality and interoperability tests are presented.
Keywords :
Internet; embedded systems; hypermedia; message authentication; open systems; transport protocols; user interfaces; HTTP; Internet; TCP/IP stack; communication protocol; digest access authentication; embedded automation systems; embedded web servers; human machine interface; hypertext transfer protocol; interoperability; security protocol; Access protocols; Authentication; Automatic control; Automation; Communication system control; Humans; Remote monitoring; TCPIP; Testing; Web server;
Conference_Titel :
Emerging Technologies and Factory Automation, 2003. Proceedings. ETFA '03. IEEE Conference
Print_ISBN :
0-7803-7937-3
DOI :
10.1109/ETFA.2003.1247733
