Security technologies based on a home gateway for making smart homes secure

摘要

Purpose - The purpose of this paper is to identify security technologies that are essential in making home network systems secure and to describe specialized security mechanisms for the home network and the relationships among them. Design/methodology/approach - The research model is designed to support three functions: authentication, authorization, and security policy. Authentication is tested in several methodologies such as id/pw, certificate, or bio; authorization is tested using RBAC methodologies; and security policy is specified using newly-designed script language, such as xHDL. Findings - The findings for "authentication" suggest that home network users can access services conveniently and securely. In addition, the findings for "security policy" suggest that security policy for home network requires specialized rather than general specification. Practical implications - The paper identifies three security functions essential for home network: authentication that supports most existing authentication mechanisms, so as to maximize user accessibility; authorization that is middleware-independent and beyond the physical transport layer; and security policy optimized for the home network environment. Originality/value - The paper focuses on an implementation-based security model for the home network. Though interest and research in home network security are increasing, only limited authentication applications have been adopted in real deployment up to now. This paper introduces an integrated security model and emphasizes safety and convenience so as to promote reliability in home network services.