A UPnP extension for enabling user authentication and authorization in pervasive systems

The Universal Plug and Play (UPnP) specification defines a set of protocols for promoting pervasive network connectivity of computers and intelligent devices or appliances. Nowadays, the UPnP technology is becoming popular due to its robustness to connect devices and the large number of developed applications. One of the major drawbacks of UPnP is the lack of user authentication and authorization mechanisms. Thus, control points, those devices acting as clients on behalf of a user, and UPnP devices cannot communicate based on user information. This paper introduces an extension of the UPnP specification called UPnP-UP, which allows user authentication and authorization mechanisms for UPnP devices and applications. These mechanisms provide the basis to develop customized and secure UPnP pervasive services, maintaining backward compatibility with previous versions of UPnP.