Open Access

A UPnP extension for enabling user authentication and authorization in pervasive systems

  • Thiago Sales1Email author,
  • Leandro Sales2,
  • Hyggo Almeida1 and
  • Angelo Perkusich1
Journal of the Brazilian Computer Society201016:22

Received: 6 April 2010

Accepted: 14 September 2010

Published: 7 October 2010


The Universal Plug and Play (UPnP) specification defines a set of protocols for promoting pervasive network connectivity of computers and intelligent devices or appliances. Nowadays, the UPnP technology is becoming popular due to its robustness to connect devices and the large number of developed applications. One of the major drawbacks of UPnP is the lack of user authentication and authorization mechanisms. Thus, control points, those devices acting as clients on behalf of a user, and UPnP devices cannot communicate based on user information. This paper introduces an extension of the UPnP specification called UPnP-UP, which allows user authentication and authorization mechanisms for UPnP devices and applications. These mechanisms provide the basis to develop customized and secure UPnP pervasive services, maintaining backward compatibility with previous versions of UPnP.


Pervasive computingUniversal Plug and PlayAuthentication and authorization