In Universal Plug and Play Device Management (UPnP DM), security protection is carried out on a Universal Plug and Play (UPnP) device via a Device Protection (DP) mechanism defined by the UPnP protocol. In the DP mechanism, a user with administrator right generally has the highest access right on the UPnP device.
At present, service providers also want to be able to manage the UPnP device. The service provider disposes a UPnP DM Control Point (CP) on the gateway of the user in advance and implements the management on a terminal that supports UPnP DM via the UPnP DM CP on the gateway. If the user wants to use an advanced service on the terminal, the user first subscribes for the advanced service from the service provider and obtains the terminal that supports the service, wherein the terminal may be provided by the service provider or purchased by the user in a retail outlet, and the terminal also supports the UPnP DM function. The service provider installs remotely a software module (DU) for the advanced service on the terminal via the CP on the gateway, and the service provider expects that the software module can only be managed (including starting, stopping, uninstalling, etc.) by himself, and the user cannot manage the software module installed by the service provider.
However, the inventors find that in the UPnP security architecture, the user is the owner of the UPnP device, in other words, the user has the administrator right of the UPnP device. Since the administrator right has the highest right, the user may perform any operation, including the management on the software modules installed on the UPnP device by other users. At present, the problem lies in that in the current UPnP security architecture, when the service provider is authorized and installs the software provided by the service provider on the UPnP device, the software not only can be managed by the service provider, but also can be managed by the user. Thus the service provider cannot control the management operation of the user on the software, so that the management on the software is uncontrollable for the service provider.