System and methods for access control based on a user identity

摘要

System and methods for access control in a Universal Plug and Play (UPnP) network are based on a user identity. A control point has an identity assertion capability for identifying a user. The control point is configured to declare a value of an attribute associated with the identity assertion capability. A device is communicatively coupled to the control point via the UPnP network. The device has a first access control list and a trusted-to-identify access control list (TIA). The device is configured to permit the user to perform one or more actions based upon whether the user identity appears as a subject in the first access control list.

主权项

1. A method for establishing access control in a Universal Plug and Play (UPnP) network based on a user identity, comprising:
initiating registration of a user in a security console; identifying the user in a control point that has an identity assertion capability, wherein the control point is configured to declare a value of an attribute associated with the identity assertion capability, and wherein declaring the value to be true indicates that the control point is capable ofauthenticating the user, and declaring the value to be false indicates that the control point is not capable of authenticating the user, and wherein the user is a person operating the control point;
communicating a user identification data to the security console; determining the user identity of the user based on the user identification data, wherein the user identity comprises at least a data field for identifying the user; and communicating the user identity to the control point.