The Digital Living Network Alliance (DLNA) is initiated and established by companies such as Sony, Intel and Microsoft etc., which is intended to solve interconnection and interworking between the wireless network and the wired network including personal PCs, consumer appliances and mobile devices.
The Universal Plug and Play (UPnP) is a core part of a easy-use design oriented “digital home” DLNA network protocol set, is an ordinary way for a device to be connected to the “digital home” network, is a common protocol for a device to communicate through the “digital home” network, and is established on a widely accepted and universally applied Internet protocol, and devices from different manufacturers can very easily work together, thus implementing sharing and computing contents “at any time and any location”. The UPnP defines the interoperability mechanism between devices in five aspects, i.e., addressing, searching, controlling, event and behavior of the device.
The UPnP defines that, after one device accesses a network and obtains an IP address, then the device broadcasts its service to the control unit on the network using a Simple Service Discovery Protocol (SSDP), after the control unit accesses the network and obtains an IP address, the control unit transmits one searching request to search for an interested device on the network using the SSDP protocol. Under both cases, the basic information exchange is discovery message, which only includes little information about the device, such as device type, device name and one pointer pointing to the Extensible Markup Language (XML) device description document.
After the control unit has “discovered” one device, it still knows little about the “device”, and at this time, it needs to find a description file of the device according to the Uniform Resource Locator (URL) of the device description document of the discovery message, and read more description information from these files. The range of the description information is very wide, and is generally provided by a manufacturer of the device. The description information of the device includes: a mode name and a mode number of the control, a device sequence number, a manufacturer name, a URL of the WEB of the manufacturer, and a URL of description information of the embedded device or service, and device control, device event and device expression. Such information is generally stored in a specific XML file.
After the control pointer finds the device description, an operation to be performed will be extracted from the description, and all services will be understood, and in order to control a certain device, the device point must first transmit one control behavior request, to request the device to start the service, and then transmit corresponding control message according to the URL of the device, the control message is the information of Simple Object Access Protocol (SOAP) format which is put in the XML file. Finally, the service will returns response information, to indicate whether the service is successful or failed.
Since the UPnP protocol does not define a security mechanism, the UPnP-enabled device is completely exposed to an unprotected state, such that any control unit which is in the same network segment as the UPnP device can operate the UPnP device, and therefore, how to ensure the security of the UPnP device becomes a problem to be solved.