Towards securing inter-device communication: Applying Inter-device Authentication and Authorization Framework to Home Appliances

Future networks everywhere will be connected to innumerable Internet-ready home appliances. A device accepting connections over a network must be able to verify the identity of a connecting device in order to prevent device spoofing and other malicious actions. In recent works, some major existing home network specifications consider device-specific security functions. For example, UPnP Security [1] has a sophisticated mechanism to guarantee personal ownership of a device. UPnP Security defines a special terminal device called “Security Console” to set up security configurations on each device remotely. UPnP Security also has an inter-device authentication and authorization mechanism using a public key pair, Security ID and ACL. Bluetooth [2] has a secure simple pairing mechanism to take ownership of a device. After the taking ownership of the device, two devices generate a shared secret (called a link key) for future mutual authentication. As mentioned above, some major specifications already consider a security mechanism for devices. We have also proposed a novel security mechanism not for human being but for devices [3]. In this report, we show a practical tiny security surveillance system for conventional home appliances to achieve our proposed inter-device authentication and authorization framework.