research-article

Free access

A secure service infrastructure for interconnecting future home networks based on DPWS and XACML

Authors:

Andreas Müller,

Holger Kinkelin,

Sunil Kumar Ghai,

Georg CarleAuthors Info & Claims

HomeNets '10: Proceedings of the 2010 ACM SIGCOMM workshop on Home networks

Pages 31 - 36

https://doi.org/10.1145/1851307.1851315

Published: 03 September 2010 Publication History

PDF eReader

Abstract

Home networks differ from most other networks since they are usually administrated by inexperienced users. Today, protocols such as Universal Plug and Play (UPnP) support zero-configuration networking and are used for data-sharing and entertainment. However, security mechanisms are neglected and are not integrated into current UPnP devices. This becomes even more of an issue when we think of future interconnected home networks where many users and devices will interact. A possible successor of UPnP, the Devices Profile for Web Services (DPWS), is built upon the standard Web-Services(WS) stack and thus also provides WS-Security. However, the configuration of fine-grained access rights for DPWS actions (e.g. for browsing through a media collection) is not defined. This paper describes how to use DPWS and the security framework XACML as a basis for a secure service infrastructure for future home networks. Templates for policies can be auto-generated and a trust model based on X.509 certificates is used for identifying devices and for the interconnection of multiple home networks.

References

[1]

D. Driscoll and A. Mensch. DPWS Version 1.1. OASIS Standard Specification, July 2009.

Google Scholar

[2]

C. Ellison. DeviceSecurity:1 Service Template. http://www.upnp.org/, 2003.

Google Scholar

[3]

B. N. et.al. UPnP RemoteAccess. http://www.upnp.org/specs/ra/, 2009.

Google Scholar

[4]

T. U. Forum. Universal Plug and Play. http://www.upnp.org, 2003.

Google Scholar

[5]

S. Islam and J. W. Atwood. A Policy Framework for Multicast Group Control. IEEE CCNC 2007, Las Vegas, USA, May 2007.

Digital Library

Google Scholar

[6]

J.-F. Martinez and M. L. et.al. A security architectural approach for DPWS-based devices. CollECTeR Iberoamerica 2008, 2008.

Google Scholar

[7]

T. Moses. XACML Version 2.0. OASIS Standard Specification, February 2005.

Google Scholar

[8]

A. Müller, H. Kinkelin, S. Ghai, and G. Carle. An Assisted Device Registration and Service Access System for future Home Networks. IEEE IFIP Wireless Days 2009, Paris, December 2009.

Digital Library

Google Scholar

[9]

A. Müller, A. Klenk, and G. Carle. ANTS - A Framework for Knowledge based NAT-Traversal. IEEE Globecom 2009, Honolulu, November 2009.

Digital Library

Google Scholar

[10]

A. Nadalin, C. Kaler, R. Monzillo, and P. Hallam-Baker. Web Services Security 1.1. OASIS Standard Specification, February 2006.

Google Scholar

[11]

E. Toktar, E. Jamhour, and C. Maziero. RSVP Policy Control using XACML. IEEE POLICY 2004), June 2004.

Crossref

Google Scholar

Cited By

View all

Fysarakis KMylonakis DManifavas CPapaefstathiou I(2018)Node.DPWSIEEE Software10.1109/MS.2015.15533:3(60-67)Online publication date: 29-Dec-2018
https://dl.acm.org/doi/10.1109/MS.2015.155
Fysarakis KSoultatos OManifavas CPapaefstathiou IAskoxylakis I(2018)XSACdCross-domain resource sharing & access control for smart environmentsFuture Generation Computer Systems10.1016/j.future.2016.05.02380:C(572-582)Online publication date: 1-Mar-2018
https://dl.acm.org/doi/10.1016/j.future.2016.05.023
Fysarakis KPapaefstathiou IManifavas CRantos KSultatos O(2014)Policy-based access control for DPWS-enabled ubiquitous devicesProceedings of the 2014 IEEE Emerging Technology and Factory Automation (ETFA)10.1109/ETFA.2014.7005233(1-8)Online publication date: Sep-2014
https://doi.org/10.1109/ETFA.2014.7005233
Show More Cited By

Index Terms

A secure service infrastructure for interconnecting future home networks based on DPWS and XACML
1. Hardware
  1. Communication hardware, interfaces and storage
2. Networks

Recommendations

Dynamic service composition in home appliance networks

The proliferation of networked appliances and the complex functions they provide make it ever harder for a specialist, let alone an ordinary home user, to configure them to provide a given service. The use of flexible middleware architectures, combined ...
Secure and Authenticated Access to LLN Resources Through Policy Constraints
Information Security Theory and Practice
Abstract
Ubiquitous devices comprising several resource-constrained sensors and actuators while having the long desired Internet connectivity, are becoming part of many solutions that seek to enhance user’s environment smartness and quality of living. ...
Dynamic Deployment of Embedded Services for DPWS-enabled Devices
CMCSN '12: Proceedings of the 2012 International Conference on Computing, Measurement, Control and Sensor Network

Service-Oriented Architecture approach is extended gradually from the enterprise level to the device level. It encapsulates the functions of devices in the form of web services in the device layer in order to enhance the interoperability and openness ...

Comments

Information & Contributors

Information

Published In

HomeNets '10: Proceedings of the 2010 ACM SIGCOMM workshop on Home networks

September 2010

70 pages

ISBN:9781450301985

DOI:10.1145/1851307

Program Chairs:
Christos Gkantsidis
Microsoft Research, Cambridge, UK
,
Konstantina Papagiannaki
Intel Labs Pittsburgh, USA
,
Theodoros Salonidis
Technicolor, France

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 03 September 2010

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Conference

SIGCOMM '10

Sponsor:

SIGCOMM

SIGCOMM '10: ACM SIGCOMM 2010 Conference

September 3, 2010

New Delhi, India

Acceptance Rates

Overall Acceptance Rate 12 of 26 submissions, 46%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

7
Total Citations
View Citations
298
Total Downloads

Downloads (Last 12 months)42
Downloads (Last 6 weeks)8

Reflects downloads up to 06 Jan 2025

Other Metrics

View Author Metrics

Citations

Cited By

View all

Fysarakis KMylonakis DManifavas CPapaefstathiou I(2018)Node.DPWSIEEE Software10.1109/MS.2015.15533:3(60-67)Online publication date: 29-Dec-2018
https://dl.acm.org/doi/10.1109/MS.2015.155
Fysarakis KSoultatos OManifavas CPapaefstathiou IAskoxylakis I(2018)XSACdCross-domain resource sharing & access control for smart environmentsFuture Generation Computer Systems10.1016/j.future.2016.05.02380:C(572-582)Online publication date: 1-Mar-2018
https://dl.acm.org/doi/10.1016/j.future.2016.05.023
Fysarakis KPapaefstathiou IManifavas CRantos KSultatos O(2014)Policy-based access control for DPWS-enabled ubiquitous devicesProceedings of the 2014 IEEE Emerging Technology and Factory Automation (ETFA)10.1109/ETFA.2014.7005233(1-8)Online publication date: Sep-2014
https://doi.org/10.1109/ETFA.2014.7005233
Rantos KPapanikolaou AFysarakis KManifavas C(2012)Secure policy-based management solutions in heterogeneous embedded systems networks2012 International Conference on Telecommunications and Multimedia (TEMU)10.1109/TEMU.2012.6294723(227-232)Online publication date: Jul-2012
https://doi.org/10.1109/TEMU.2012.6294723
Chen ZHuang HYan J(2012)Extending UPnP/DLNA Feature for Video Sharing WebsitesProceedings of the 2012 Fifth International Joint Conference on Computational Sciences and Optimization10.1109/CSO.2012.131(573-576)Online publication date: 23-Jun-2012
https://dl.acm.org/doi/10.1109/CSO.2012.131
Muller AMiinz GCarle G(2011)Collecting router information for error diagnosis and troubleshooting in home networksProceedings of the 2011 IEEE 36th Conference on Local Computer Networks10.1109/LCN.2011.6115547(764-769)Online publication date: 4-Oct-2011
https://dl.acm.org/doi/10.1109/LCN.2011.6115547
Fysarakis KKonstantourakis CRantos KManifavas CPapaefstathiou I(undefined)WSACd - A Usable Access Control Framework for Smart Home DevicesInformation Security Theory and Practice10.1007/978-3-319-24018-3_8(120-133)
https://dl.acm.org/doi/10.1007/978-3-319-24018-3_8

View Options

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Cited By

Index Terms

Recommendations

Dynamic service composition in home appliance networks

Secure and Authenticated Access to LLN Resources Through Policy Constraints

Dynamic Deployment of Embedded Services for DPWS-enabled Devices