Secure universal plug and play network

Vesa Pehkonen, Juha Koivisto

Research output: Chapter in Book/Report/Conference proceedingConference article in proceedingsScientificpeer-review

2 Citations (Scopus)

Abstract

Universal Plug and Play (UPnP) is a set of specifications to enable and simplify the networking of electronic devices. UPnP does not generally provide any security and assumes that only trusted devices have access to the network. For networks where untrusted devices have to be taken into account, this paper proposes a secure UPnP network architecture, including key management. The architecture uses Transport Layer Security (TLS) to secure all TCP traffic, which carries most of UPnP messages. To establish a TLS session, each node must have an X.509 certificate for authentication. Certificates are granted by a local Certificate Authority (CA) but only if the Administrator has accepted the new node. UPnP discovery phase uses User Datagram Protocol (UDP) where it is not possible to use TLS, but we encrypt UDP data. UDP encryption key is shared by the whole network and distributed using TLS. We verified the architecture by implementation. (9 refs.)
Original languageEnglish
Title of host publicationProceedings
Subtitle of host publicationSixth International Conference on Information Assurance and Security, IAS 2010
Place of PublicationPiscataway, NJ, USA
PublisherIEEE Institute of Electrical and Electronic Engineers
Pages11-14
ISBN (Electronic)978-1-4244-7409-7
ISBN (Print)978-1-4244-7407-3
DOIs
Publication statusPublished - 2010
MoE publication typeA4 Article in a conference publication
EventSixth International Conference on Information Assurance and Security, IAS 2010 - Atlanta, GA, United States
Duration: 14 Oct 2010 → …

Conference

ConferenceSixth International Conference on Information Assurance and Security, IAS 2010
Abbreviated titleIAS 2010
CountryUnited States
CityAtlanta, GA
Period14/10/10 → …

Fingerprint Dive into the research topics of 'Secure universal plug and play network'. Together they form a unique fingerprint.

  • Cite this

    Pehkonen, V., & Koivisto, J. (2010). Secure universal plug and play network. In Proceedings: Sixth International Conference on Information Assurance and Security, IAS 2010 (pp. 11-14). IEEE Institute of Electrical and Electronic Engineers. https://doi.org/10.1109/ISIAS.2010.5604189