1. Field of the Invention
The present invention relates generally to Universal Plug and Play (UPnP), or a middleware protocol for home networking, and more particularly, to a method and an apparatus for protecting personal information of users in a UPnP-based home network.
2. Description of the Related Art
In general, a home network, which consists of Internet Protocol (IP)-based private networks, connects and controls various types of devices used in a home, such as Personal Computers (PCs), intelligent products and wireless devices. These devices are connected to a single network through a common virtual computing environment called “middleware.”
The term “middleware” refers to software that connects various digital devices on a peer-to-peer basis and enables communication between the devices. Various types of technology, such as Home AV Interoperability (HAVI), UPnP, Java Intelligent Network Infra-structure (JINI), and Home Wide Web (HWW), have been proposed as middleware.
Since the addition of Plug and Play (PnP) functions to current operating systems, it has been very easy to install and set peripheral devices of PCs. UPnP, which has evolved from PnP, enables various home appliances and network devices, such as network printers and Internet gates, to perform networking, especially home networking. UPnP provides convenient functions to the entire network based on Internet standard technologies, such as Transmission Control Protocol/Internet Protocol (TCP/IP), Hyper Text Transfer Protocol (HTTP), and eXtensible Markup Language (XML).
A UPnP network consists of Controlled Devices (CDs), which are connected to and controlled by an IP-based home network. The UPnP is also consisted of Control Points (CPs) for controlling the CDs. The UPnP network performs communication between the CPs and the CDs through the use of a UPnP protocol stack structure that includes Internet protocols such as TCP/IP and HTTP, and technologies such as XML and Simple Object Access Protocol (SOAP).
In a first addressing step of UPnP communication, a CP and a CD have their own individual IP addresses. Upon joining the network, the CD fetches its IP address using a Dynamic Host Configuration Protocol (DHCP), or it is assigned an IP address using automatic IP addressing if there is no DHCP server in the network.
In a second discovery step, the CP searches for the CD, or the CD advertises its location. The discovery step is performed using a Simple Service Discovery Protocol (SSDP). If the CD is added to the network, the CD delivers an SSDP alive message to the network through IP multicasting. The CP can determine the presence/absence of the CD through the reception of the alive message. When the CP newly joins the network, the CP multicasts an SSDP Multicast-search (M-search) message to the network. All of the CDs, which checked the M-search message, send M-search response messages containing their own information to the CP.
In a third description step, the CP checks the description content of the CD. When the CP wants the CD after checking the response message, the CP may send to the CD a request for detailed information related to the CD. The CD, which has received the request, sends its information in an XML document.
In a fourth control step, the CP operates the CD by controlling a function of the CD. When the CP intends to control an arbitrary CD, the CP sends a desired service to the CD using SOAP, based on the detailed information related to the CD. SOAP is a protocol that is written on HTTP by XML for the purpose of invoking (or calling) a remote function.
In a fifth event step, the CP receives an event change of the CD. The CP sends a subscribe request for a relevant event to the CD when the CP desires to receive an event message from the CD. If the subscription is successful, the CD sends an event message to the CP using General Event Notification Architecture (GENA).
In a sixth presentation step, the CP presents a State of the CD using a Hyper Text Markup Language (HTML) of the CD.
FIG. 1 is a diagram illustrating device discovery and action execution in a conventional UPnP network system.
Referring to FIG. 1, in step 110, a CP 101 discovers or searches for a CD 102, or the CD 102 advertises its location. In step 120, the CP 101 sends an action request to the CD 102. In step 130, the CD 102 performs an action corresponding to the received action request. In step 140, the CD 102 provides a response to the CP 101 with the action result. More specifically, the CD 102 performs the requested action, and transmits the execution result for the action or an error message to the CP 101.
Based on the above-described basic UPnP control method, a UPnP CD can provide various services (or functions) to the CP. For example, based on the basic UPnP control method, a UPnP CP can control the UPnP CD in which Audio/Visual (A/V) content is stored, so that the A/V content can be played back in other UPnP CDs. When the UPnP CD is a gateway, the UPnP CP can change and set an IP address band and addresses of a subnet and a gateway, to be assigned to the devices in the home, by controlling the UPnP gateway, or the CD.
FIG. 2 is a diagram illustrating an event notification in a conventional UPnP network system.
Referring to FIG. 2, in step 210, a CP (or display device) 201 searches for a CD (or mobile phone) 202, or the CD 202 advertises its location. In step 220, the CP 201 sends a request for event reception/registration (or subscribes) to the CD 202. Upon receipt of the subscribe request, the CD 202 assigns a Subscribe ID (SID) in step 230, and delivers the assigned SID to the CP 201 in step 240. If an event occurs in the CD 202 in step 250, the CD 202 delivers the event to the CP 201 in step 260. If there is a change in an event-related state variable among state variables defined in association with respective UPnP services, the CD 202 delivers the relevant event to the CP 201 that sent the subscribe request.
FIG. 3 is a diagram illustrating a subscribe request message from a CP to a CD in a conventional UPnP network system. Methods and headers of the subscribe message follow the format defined in UPnP Device Architecture.
A UPnP telephony service can be provided to the CD as a UPnP service based on the above-described technology. In the telephony service, if an incoming call or a text message is received at a mobile terminal (or CD), the mobile terminal notifies the pertinent event to a display device (or CP). If the display device requests the received call information or text message information, the mobile terminal can provide the call information or text message information in response to the request.
However, because call information or text message information is delivered to the CP, event information from the CD to the CP may include a user's personal information. The result values for a UPnP action requested by the CP from the CD may also include a user's personal information stored in the CD. Thus, personal information of users enjoying the UPnP service may be leaked out.