HTTP, SOAP, and XML on top of IP to discover and communicate with other devices in the network.
UPnP works in the following manner:
Getting Address
Each device connecting to a network must have an IP address. When a UPnP device connects to a network, it can obtain its IP address in mainly two ways. It can implement a DHCP Client and search and connect to a DHCP server in the network. Or it can use a process called AutoIP to assign itself an IP address. If, during DHCP transactions, the device obtains a domain name through a DNS server, it uses that. Otherwise, it uses its IP address for subsequent network operations.
Discovery of the device
UPnP uses a protocol named Simple Service Discovery Protocol or SSDP to advertise its services to control points. UPnP control points are devices that use UPnP protocol to control UPnP-controlled devices. When a control point is added to a network, it can actively search for UPnP devices in the network or passively listen to SSDP messages sent by a UPnP device.
Obtaining Device Description
At this point, the control point knows little about the new UPnP device in the network. To communicate with it, the control point retrieves the description of the device from the location (URL) provided by the UPnP device in its SSDP discovery message.
The UPnP device description is usually expressed in XML that includes vendor-specific manufacturer information like the model name, serial number, manufacturer name, etc. The control point can also retrieve a list of embedded services and a list of commands or actions to which the services respond, along with the parameters, arguments, or other necessary variables indicating data type, range, event characteristics, etc.
Controlling the UPnP device
Now, the control point can send suitable control messages to control the UPnP device. These control messages are expressed in XML using the Simple Object Access Protocol (SOAP).
Getting Event Notification
As said earlier, a UPnP description for a service includes a list of actions that the service responds to and a list of variables that model the service’s state at run time. When any of these variables change, the service publishes updates using event messages. The control point may choose to receive event notifications about that.
Device Presentation
If a UPnP device has a URL for presentation, the control point can retrieve a page from the URL, load it in a web browser, and allow a user to control the device or view its status.
Why is UPnP a security risk?
UPnP protocol, by default, does not implement any authentication and assumes local systems and their users are completely trustworthy. And, this can cause a security risk. If routers and firewalls running the UPnP IGD protocol do not implement authentication mechanisms, they become vulnerable to cyber attacks. For example, a particular version of Adobe Flash had a security vulnerability that was capable of …






0 Comments