Multilevel security in UPnP networks for pervasive environments

Security has become a critical concern in pervasive environments, since personal information can be available to malicious users. In this context, some of the major drawbacks in UPnP architecture are the user authentication and service access control, which are not suitable for pervasive environments. Moreover, the inherited heterogeneity of pervasive environments brings different security and privacy requirement concerns depending on the environment and the services provided. This paper introduces a UPnP extension that not only allows multilevel user authentication for pervasive UPnP services, but also provides a flexible security approach that adapts to the network. What is more, it offers a seamless security level negotiation protocol 1 .