UPnP Forum and GatewayUPnP Forum and Gateway committee overviewcommittee overviewMarch 15, 2010Mika Saaranen – NokiaUPnP Gateway ChairMark Baugher–Cis
Security in Gateway V1• IGD and other UPnP DCPs have had the option of iUPPDiS itfth t6using UPnP Device Security for the past 6 years• This is a high
Gateway v2 overview• Enhanced security by new DeviceProtection service li d t ll IGD i bl d tiapplied to all IGD variables and actions• Enhanced portm
Addressing Security in V2• Threats: Malicious edits to critical configuration variablesDiP i ibli(hid)•DeviceProtection service uses public(unauthenti
Security in Gateway V2• Gateway v2 will use UPnP Device Protection• Does not require a third-device as a security console• Uses X.509 certificates and
Access Controls in IGD:2Access control is definedAccess control is defined• For all IGD ActionsThree levels of access• Admin•Basic• PublicBetter overa
UDA Annex A IPv6 Changes• IPv6 support in UDA 1.0 and 1.1 evolved with the li t d devolving standard• Deprecation of site-local addressing• Developmen
Time tableThis presentation covers on-going work and may change before publication Target timeline is:change before publication. Target timeline is:•
Summary• IGD:2 introduces two new services:•DeviceProtection :1 to enable authentication and accessDeviceProtection :1 to enable authentication and ac
Technical details
WANIPCONNECTION:2
IntroductionIntroduction• This is a public presentation of the the UPnP Forum’s Gateway workthe UPnP Forum’s Gateway work • The contents of this prese
Key Use CasesKey Use Casesz Use case #1 Add portmappingUser has an application that needs to be contacted from thezUser has an application that needs
List of Key changes Features -actionsz DeletePortMappingRange() allows removing a range ft iof portmappingsz GetListOfPortmappings() allows retrieving
List of Key changes Features New –state variablesz SystemUpdateID is used to track changes in NAT tiportmappingsz A_ARG_TYPE_MANAGE is a parameter use
List of Key changes Features –policy changesz PortmappingLeaseTime can have values between 1 to 604800 secondssecondsz If control point uses value 0 t
DeviceProtection:1Vic Lortz (Intel) chair of UPnP Gateway security Task ForceyMika Saaranen (Nokia), Chair of UPnP Gateway committeey
Background• Ease of use is generally at odds with secure use• People find that passwords and other authentication methods are a challenge to manage on
Basic Security Requirements1. Simple to understand and useMt l th ti ti2.Mutual authentication3. Access control4. Privacy5Align with widely-supported
Device Protection Properties1. Trust based on physical proximity and access¾ Such as reading a PIN¾ Pushing a button,¾ NFC touch, etc.2. Bootstraps st
Trust Boostrapping by Introduction1. Pair-wise introductionPINbdDeviceDeviceA.PIN-based, run onceB. Establishes trust in self-signed certs of both Dev
Securing the Control PlaneDeviceSecure URLStart TLS TLS HandshakeProtocolto HTTPSRecordProtocolfor UPnPControl URLActionsUser Control Point
What is UPnP Technology1. UPnP Technology is an open international ISO/IEC standard for device & service discovery & control of devices on an
D-P Functional Block DiagramACLD-PD-PervicesTLSserviceOtherEmbeddeddevicesTLSLogicOther seTLSlogicCertOtherservicesTLSlogicCertDEVICE CONTROL POINT
IGD User ExperienceIGD User Experience Scenario
IGD ScenarioIGDIGDControl Pointw CP on laptop and IGD are already connected to an IP network (may be wired or wireless)U i t d CP t IGD (IGD d CP hwUs
Example Setup UI FlowSetup…Setup…CP’s GUICP’s GUIGatewayXYZGatewayXYZ1234567812345678Please enter GatewayXYZ’s SETUP PIN number.Please enter GatewayXY
Administrator Login (rarely needed)SettingsSettingsIGDIGD……TLS connectionTLS connectionTLS connectionTLS connectionConfiguration UIConfiguration UIAdv
Concept UI of Administrative CPAdvanced SettingsAdvanced SettingsStP i iStP i i**************Administrator Password: Administrator Password: Set Permi
SOAP Actions & Roles for the D-P Service• SendSetupMessage() [Public] • GetSupportedProtocols() [Public] GetAssignedRoles() [Public]•GetAssignedRo
Summary1. CPs and Devices authenticate each other using certificates, users of shared CPs can also authenticate with Username/password over TLSADevice
WANIPv6FirewallControl:1Mika Saaranen, NokiaFabrice Fontaine OrangeFabrice Fontaine, OrangeMark Baugher, Cisco
Introduction• It is expected that massive roll-outs of IPv6 will start itlfin next couple of years• In IPv6, we likely won’t have NATs, but it seems t
Diversity of UPnP Vendors & Products1. Acer Aspire Laptop PC series2. Buffalo HS-DS Network Attached Storage (NAS) series3. Canon Digital Camera D
Key use casesz Use case #1 Add pinholeUh liih d b dzUser has an application that needs to be contacted from the internetz Usually, no user interaction
State variables• FirewallEnabled : is firewall enabled• InboundPinholeAllowed : Can pinholes be created• OutboundPinholeTimeout : How long a pinhole c
Actions• GetFirewallStatus() : returns information if the fi ll i ti d i h l b t dfirewall is active and new pinholes can be created• GetOutboundPinho
Summary• IGD:2 has release target in Q4/2010 including:• WANIPConnection:2• DeviceProtection:1•WANIPv6Firewall control:1WANIPv6Firewall control:1• Pre
For the interconnected lifestyle
UPnP Working Committees• UPnP protocols are developed in UPnP Working CommitteesCommittees• There are many past and present WCs including• Audio/Video
What is UPnP?•UPnP Addressing •UPnP Control•UPnP Addressing •UPnP Control•UPnP Discovery •UPnP Eventing•UPnP Description•UPnP Devi
UDA OverviewUPnP Discovery•Device sends SSDP Notify •Control Point sends SSDP MSearch messagesAnnouncementsSSDP MSearch messages•Devices respond with
The Risks of Home Networking• Home networks face risks• Well-known admin passwordsHome networks are vulnerable to malware and war driverspasswords• Li
Gateway V1 overview• Manage and configure physical connections e.g. tdi tconnect or disconnect• Automatic and seamless configuration of Internet acces
Comments to this Manuals