Efficient and User Friendly Inter-domain Device Authentication/Access Control for Home Networks

  • Jin-Bum Hwang
  • Hyung-Kyu Lee
  • Jong-Wook Han
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4096)


Device authentication can reinforce the security of the home network services by ensuring that only specific authorized devices by specific authorized users can access the services. And it is also a mandatory technology for context-aware services in which users do not participate in the service flow. In this paper, we propose a device authentication and access control scheme based on two-layered PKI approach for efficient communication and user convenience. The two layers of our model are Global PKI layer and Localized PKI layer. Global PKI layer uses conventional PKI model. There is only one global root CA, and certificate verification is performed by validating the certificate-chain linked to the root CA. Otherwise, in Localized PKI layer, each home gateway takes a role of root CA which is responsible for issuing device certificates to the devices belong to its domain. We use Global PKI layer for device registration and authentication of inter-home-network, but use Localized PKI layer to authenticate each end-device. Based on this separating, our model provides secure, efficient and user friendly multi-domain device authentication protocols. We also provide a convenient access control scheme using Attribute Mapping Certificate.


Access Control Home Network Access Control Policy Access Control Model Client Device 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Jeong, Y., Yoon, K., Ryou, J.: A Trusted Key Management Scheme for Digital Rights Management. ETRI Journal 27(1), 114–117 (2005)CrossRefGoogle Scholar
  2. 2.
    Lee, J., et al.: A DRM Framework for Distributing Digital Contents through the Internet. ETRI Journal 25(6), 423–436 (2003)CrossRefGoogle Scholar
  3. 3.
    Device Authentication,
  4. 4.
    TrustConnector 2,
  5. 5.
    Bluetooth Core Specification v2.0 (2004),
  6. 6.
    ZigBee Specification v1.0 (December 2004),
  7. 7.
    OpenCable Security Specification (2004),
  8. 8.
    Gehrmann, C., Nyberg, K., Mitchell, C.J.: The personal CA - PKI for a personal area network. [Conference Paper] IST Mobile and Wireless Telecommunications Summit 2002, pp. 31–35 (2002)Google Scholar
  9. 9.
    Universal Plug and Play Forum,
  10. 10.
    Ellison, C.: UPnP Security Ceremonies Version 1.0. UPnP Forum (2003)Google Scholar
  11. 11.
    Hwang, J.-B., Kim, D.-W., Lee, Y.-K., Han, J.-W.: Two Layered PKI Model for Device Authentication in Multi-Domain Home Networks. In: Proc. of 10th International Symposium on Consumer Electronics (ICSE) (June 2006)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Jin-Bum Hwang
    • 1
  • Hyung-Kyu Lee
    • 1
  • Jong-Wook Han
    • 1
  1. 1.Korea Electronics and Telecommunications Research Institute, KoreaUniversity of Science & Technology, KoreaKorea

Personalised recommendations