UPnP Forum Enhances Secured Management for Service Providers to UPnP Devices
New Specifications Enable Standardized End-to-End Management to the Home Network
Beaverton , Ore., USA – 17 May 2012: UPnP Forum today announces the adoption and publication of its new Standardized DeviceManagement:2 Device Control Protocols (DCPs), as it continues its work in standardizing and managing the operation of LAN IP devices within the home network. The new DCPs enhance the existing DeviceManagement:1 specification and also add security features adopted from Device Protection specifications.
UPnP Forum’s Device Management protocols are a key missing link in enabling end-to-end management of connected devices in the home. Service provider provisioned devices such as gateways and set-top boxes have long supported management based on standards such as Broadband Forum’s TR-069. However, with the growth of services being delivered around the home to retail third party devices (tablets, Smart TVs, etc.), there has been a need to enable management of the service end-to-end from the back-end to the end device. UPnP Forum’s Device Management protocols are the industry solution for bridging existing back-end device management standards to the third party retail devices in the home network.
The latest version builds on the success of DeviceManagement:1 DCPs, which were published in July 2010 to enable and allow for the management of UPnP Certified devices. The functionality provided by DCPs is to cover management needs such as diagnostics, configuration and software management:
Diagnostic – This feature allows device maintenance, device “self-test” with state retrieval, IP connectivity diagnostic, and log files handling.
Configuration and Status Management – This feature allows device data model manipulation (retrieval, modification and extension), and event monitoring.
Software Management – This feature allows software modules operations (installation, updating, removal) and applications control (start and stop).
The DeviceManagement:2 DCP improves these with enhanced features, specifically alarm management and bandwidth testing. The event management on parameter value change now enables not only the identification of an alarm, but also the reasoning behind the alarm and notifications. With improved bandwidth testing capabilities, DeviceManagement:2 also enhances diagnostics in order to resolve problems on the network, enabling the smooth flow of data between devices.
Security is a key requirement of Device Management, since without security, control points can invoke any management actions that are enabled. The implementation of DeviceManagement:2 in devices will prevent unauthorized invoking of device management actions and will help avoid potential attacks, by providing secure communication channels between network nodes, control points and devices.
Based on the UPnP Device Protection specifications, security relies on industry-standard protocols such as TLS, and enables fine-grained management control by providing ‘roles’ and ‘access control’ lists, and removing any user concerns surrounding delegating home network management to third parties. Device Protection is designed to allow a device to expose some parts of its services to legacy and unauthenticated control points and restrict other parts to only authenticated and authorized control points. These specifications can be embedded in any device type that exposes sensitive information or UPnP control operations that need to be protected from unauthorized access.
Dr. Alan Messer, UPnP Forum President and Chairman, commented: “These new protocols extend our commitment to preventing unauthorized control points from managing UPnP devices, and facilitate the introduction of detailed and specific management operations for network device manufacturers.”
“For service providers, these DCPs define rules to ensure that certain specific actions and resources will only be managed by an authorized control point. In addition, its use will allow multiple service providers to each manage their own area of interest, thereby minimizing the possible unwanted side effects of such multi-party activity.”
Bernard Peigné, Senior Standardization Manager for “Home Network and Devices” at Orange and UPnP Forum steering committee member said: “Orange is already remotely managing millions of residential gateways (the Livebox, set-top boxes and associated services). UPnP Device Management is a complementary tool for customer support and self-care that enables service providers to develop the diagnostics, installation and configuration capabilities of digital home devices. Orange has been one of the leading companies in this domain for several years and has developed a secure range of APIs that allow additional Orange services to be introduced in an open environment with off-the-shelf connected devices while guaranteeing the best user experience.”
Dr. Messer concluded: “With such a large ecosystem and rapidly accelerating expectations, updating existing DCPs and creating new DCPs is vital for standardizing and managing the operation of LAN IP devices within the home network. The invaluable efforts of our Device Management Working Committee and the adoption of these DCPs by the Steering Committee paves the way for a new era in assured, protected and transparently managed in-house networks.”
For further information about UPnP Forum please go to www.upnp.org. Alternatively, if you have any general questions please email upnpfeedback@forum.upnp.org.
About UPnP Forum
UPnP Forum, established in 1999, is a global industry group of 950-plus leading companies and organizations working to enable device-to-device interoperability and facilitate easier and better home networking. It promotes the adoption of uniform technical device interconnectivity standards and certifies devices conforming to these standards. UPnP Forum is an impartial group enabling member companies to participate and develop extensions to (a) the UPnP Device Architecture, which defines how to use IP to communicate between devices, and (b) Device Control Protocols (DCPs), which are services between devices. Members of UPnP Forum include market leaders in computing, printing and networking, consumer electronics, home appliances, automation, control and security, and mobile products.
