The Study Of Three-Networks-Convergence-based Digital Home Network Architecture And Security Technolodies

Digital home refers to a kind of intelligent digital home which connects communication devices, computer devices, information appliances and security devices to monitor, control and manage using digital technique such as communication, TV and computer. With the progress of China’s Three Networks Convergence, the construction of Three-Networks-Convergence-based digital home network architecture is urgent demand now. At present, the digital home network constructed by Computer and Electronics industries have the disadvantages of low service collaboration ability, incompatibility of different technique and security structures. So this paper considers Three-Networks-Convergence-based digital home network architecture and security key technologies. They are as follows:(1)This paper analyses the centralized and distributed digital home network architecture proposed by standardization organizations, and points out their disadvantages. This paper adopts the idea of "dividing digital home network into different application domains, and making service and security centralized managed" to construct Three-Networks-Convergence-based digital home network architecture. It solves the problems of diverse service types and resources, difficult service collaboration and integration and device authentication, user authentication.(2)This paper analyses the existing security problems and requirements.Considersing remote user plane,home access plane.home device plane and home user plane, we design a digital home network reference model.Based on this, in order to make sure the certainty of home network devices, by analyzing device authentication mechanisms and shortcomings,proposes a PKI-based digital home network device authentication method.Analysis and verification show that this method can realize device authentication between intra-home devices,between inter-home devices and between home devices and remote terminals.(3)Based on the proposed digital home reference model, this paper proposes a Kerberos-based home user authentication method.Because Kerberos authentication method suffers the problems of replay attack, password guess attack, difficult secret key distribution and management, we use public key and random number mechanism to design an improved home user authentication method.Analysis and verification show that this method is simple and efficient.It dosen’t need synchronism of node’s clock time and can resist replay attack and password guess attack.Furthermore,it can solve the single point log-on problem. Based on the technologies above, we design and implement the digital home network security management system, and make system tests.Results show that this system can realize many fuuctions, such as user authentication and authorization, user management, device management and so on.It satisfied basic security requirements of Three-Network-Convergence-based digital home network. The research achievements have some reference values to the development of China’s digital home network technology and industry, and provide support to the standard design and application development.