ISO IEC 29341-13-10-2008 PDF

Full title and description

ISO/IEC 29341-13-10:2008 — Information technology — UPnP Device Architecture — Part 13-10: Device Security Device Control Protocol — Device Security Service. This part of the ISO/IEC 29341 series defines the Device Security Service and the Device Control Protocol actions required to provide strong authentication, authorization, replay prevention and privacy for UPnP SOAP actions on networked devices.

Abstract

Specifies the Device Security Service for UPnP Device Architecture: service definitions, state variables, and actions that implement ownership transfer, authentication and authorization, session key establishment and lifecycle, access control (ACL) management, certificate handling and protections for SOAP action privacy and integrity. Intended to enable secure control and management of UPnP devices in home, small business and public networks.

General information

• Status: Published (International Standard, confirmed).
• Publication date: November 2008 (published 27–28 November 2008 in ISO catalog records).
• Publisher: International Organization for Standardization (ISO) / International Electrotechnical Commission (IEC), published under ISO/IEC JTC 1.
• ICS / categories: 35.200 — Interface and interconnection equipment.
• Edition / version: Edition 1 (2008-11).
• Number of pages: 84 (ISO publishing record).

Scope

Defines the Device Security Service model and Device Control Protocol actions needed to secure UPnP SOAP actions between Control Points and Devices. Scope includes mechanisms for taking ownership of a device, establishing session keys and sequence bases to prevent replay, managing Access Control Lists and certificate-based permissions, and specifying how SOAP messages are protected (signing/encoding) to ensure confidentiality and integrity in UPnP environments.

Key topics and requirements

• Ownership model and owner management actions (TakeOwnership, GrantOwnership, RevokeOwnership) to assign administrative control over a device.
• Authentication and authorization mechanisms for control points and services, including certificate handling and authorization certificates.
• Session key establishment and lifecycle actions (GetLifetimeSequenceBase, SetSessionKeys, ExpireSessionKeys) and sequence numbering for replay prevention.
• Access Control Lists (ACL): read/write/edit actions (ReadACL, WriteACL, AddACLEntry, DeleteACLEntry, ReplaceACLEntry) and permission language for granular rights.
• SOAP message privacy and integrity protections (use of XML-Signature, canonicalization and signing formats; guidelines for message encoding and cryptographic use).
• Service modeling and XML schema definitions for the DeviceSecurity service type (urn:schemas-upnp-org:service:DeviceSecurity:1) including state variables, actions and error codes.
• Interoperability and procedural flows (security ceremonies) for discovering secured devices, transferring ownership, delivering and renewing certificates, and factory-reset/security-reset behaviors.

Typical use and users

Used by UPnP device and firmware manufacturers, embedded systems and IoT developers, middleware and stack implementers, security console and control-point software vendors, and test/certification labs. Typical uses include implementing device-side security features, building control-point applications that manage device ownership and ACLs, and validating secure UPnP interoperability.

Related standards

Part of the ISO/IEC 29341 series (UPnP Device Architecture). Closely related parts include other Device Control Protocol parts in the 29341 family (for example, Part 13-11: Security Console Service and many other device- and service-specific parts in the series that define service templates and protocols across device types).

Keywords

UPnP, Device Security, Device Control Protocol, SOAP, authentication, authorization, ACL, session keys, replay prevention, XML-Signature, certificates, UPnP Device Architecture, ISO/IEC 29341.

FAQ

Q: What is this standard?

A: ISO/IEC 29341-13-10:2008 is the Device Security Device Control Protocol specification in the ISO/IEC 29341 (UPnP Device Architecture) series that defines the Device Security Service for UPnP-enabled devices.

Q: What does it cover?

A: It covers service definitions, state variables and actions for ownership/administration, authentication and authorization, session key management and replay prevention, ACL management, certificate handling and SOAP message privacy/integrity for UPnP devices.

Q: Who typically uses it?

A: Device manufacturers, firmware developers, UPnP stack implementers, control-point application developers, and conformity/test labs use the standard to implement and verify secure UPnP device behavior.

Q: Is it current or superseded?

A: The ISO catalog lists the publication as issued in November 2008 and shows the standard as published/confirmed; users should check the ISO catalog or their national standards body for the very latest status or any amendments before assuming currency for a specific project.

Q: Is it part of a series?

A: Yes — it is part of the ISO/IEC 29341 series (UPnP Device Architecture), which contains many part specifications that define device-control protocols and service templates for different device classes and services.

Q: What are the key keywords?

A: UPnP, DeviceSecurity, SOAP security, authentication, authorization, ACL, certificates, session keys, XML-Signature, replay prevention.