Loading...
|
Please use this identifier to cite or link to this item:
https://nccur.lib.nccu.edu.tw/handle/140.119/155967
|
| Title: | 基於W3C Web of Things架構設計智慧家庭閘道器的認證與維運機制
On Authentication and Operations for Smart Home Gateways Based on the W3C Web of Things Architecture |
| Authors: | 朱筑筠
Chu, Chu-Yun |
| Contributors: | 廖峻鋒
Liao, Chun-Feng
朱筑筠
Chu, Chu-Yun |
| Keywords: | 智慧家庭
Web of Things
CWMP
Smart Home
RESTful API
OAuth 2.0
JWT |
| Date: | 2025 |
| Issue Date: | 2025-03-03 14:02:51 (UTC+8) |
| Abstract: | 本研究探討智慧家庭閘道器的管理與安全性,旨在提升其互通性、事件通知 效率及通訊安全。針對 CWMP (CPE WAN Management Protocol)傳統架構在 維運過程中的效率瓶頸,本論文引入 Web of Things (WoT) 的概念,透過 RESTful API 替代 SOAP-based RPC 方法,並採用 WebSocket 和 Webhook 取 代 CWMP 的 Inform 機制,以改善事件通知的靈活性及即時性。此外,引入 OAuth 2.0 和 JSON Web Tokens (JWT) 強化設備間的身份驗證和授權,確保 CPE 與 ACS 之間的通訊安全。在實驗部分,本研究針對原 CWMP 架構與引入 WoT 優化後的系統進行效率和負載的比較,並深入分析兩種通知機制的即時性表現, 透過上述實作,以驗證提升 CWMP 協議系統維運效率和增強其通訊安全性。
This thesis explores the management and security of smart home gateways, aiming to enhance their interoperability, event notification efficiency, and communication security. To address the efficiency bottlenecks in the traditional CWMP (CPE WAN Management Protocol) architecture during operation and maintenance, this thesis introduces the concept of the Web of Things (WoT). The thesis replaces SOAP-based RPC methods with RESTful APIs and substitutes the CWMP Inform mechanism with WebSocket and Webhook to improve the flexibility and real-time performance of event notifications. Furthermore, OAuth 2.0 and JSON Web Tokens (JWT) are implemented to strengthen authentication and authorization between devices, ensuring secure communication between the CPE and ACS. In the experimental phase, the thesis compares the performance and load handling capabilities of the original CWMP architecture with the WoT-optimized system and conducts an in-depth analysis of the real-time performance of the two notification mechanisms. Through these implementations, the thesis validates the improvement of CWMP protocol efficiency and enhances its communication security. |
| Reference: | [1] R. F. Al-Mutawa and F. Albouraey Eassa, "A Smart Home System based on Internet of Things," arXiv e-prints, 2020. [Online]. Available: arXiv:2009.05328.
[2] S. K. Datta and C. Bonnet, "Advances in Web of Things for IoT Interoperability," presented at the ICCE-TW, 2018.
[3] P. Wang, F. Ye and X. Chen, "A Smart Home Gateway Platform for Data Collection and Awareness," IEEE Communications Magazine, vol. 56, no. 9, pp. 87-93, Sept. 2018, doi: 10.1109/MCOM.2018.1701217.
[4] I. Basicevic, "An analysis of the TR069 (CWMP) protocol," in 2023 46th MIPRO ICT and Electronics Convention (MIPRO), Opatija, Croatia, 2023, pp. 460-465, doi: 10.23919/MIPRO57284.2023.10159841
[5] M. Kovatsch, R. Matsukura, M. Lagally, T. Kawaguchi, K. Toumura, and K. Kajimoto, "Web of Things (WoT) Architecture," W3C Recommendation, Apr. 9, 2020. [Online]. Available: https://www.w3.org/TR/wot-architecture/
[6] World Wide Web Consortium, "SOAP Version 1.1," May 8, 2000. [Online]. Available: https://www.w3.org/TR/2000/NOTE-SOAP-20000508/
[7] R. T. Fielding, "Architectural Styles and the Design of Network-based Software Architectures," Ph.D. dissertation, Univ. of California, Irvine, 2000.
[8] C. -F. Liao and Y. -R. Chen, "Resource-Oriented Architecture for Smart Home Operations Management Platforms," in 2018 International Conference on Platform Technology and Service (PlatCon), Jeju, Korea (South), 2018, pp. 1-6, doi: 10.1109/PlatCon.2018.8472751.
[9] T. Karla and J. Tarnawski, "Soft real-time communication with WebSocket and WebRTC protocols: Performance analysis for web-based control loops," in 2019 24th International Conference on Methods and Models in Automation and Robotics (MMAR), 2019, pp. 1-6
[10] Hillen, Ben & Passchier, Igor & Matthijssen, E.F. & den Hartog, Frank & Selgert, Franklin. (2008). Remote Management of Mobile Devices with Broadband Forum's TR-069. 1 - 19. 10.1109/NETWKS.2008.4763676
[11] I. Ristemi, M. A. Trpkovska and B. Cico, "MyGitIssues Web Application as a Solution in Dealing with Issues on GitHub," in 2019 8th Mediterranean Conference on Embedded Computing (MECO), Budva, Montenegro, 2019, pp. 1- 4, doi: 10.1109/MECO.2019.8760175.
90
[12] T. -Y. Chung et al., "MUL-SWoT: A Social Web of Things Platform for Internet of Things Application Development," in 2014 IEEE International Conference on Internet of Things (iThings), and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber, Physical and Social Computing (CPSCom), Taipei, Taiwan, 2014, pp. 296-299, doi: 10.1109/iThings.2014.53.
[13] L. Sciullo, C. Aguzzi, M. Di Felice and T. S. Cinotti, "WoT Store: Enabling Things and Applications Discovery for the W3C Web of Things," in 2019 16th IEEE Annual Consumer Communications & Networking Conference (CCNC), Las Vegas, NV, USA, 2019, pp. 1-8, doi: 10.1109/CCNC.2019.8651786.
[14] M. Kovatsch, R. Matsukura, M. Lagally, T. Kawaguchi, K. Toumura, and K. Kajimoto, "Web of Things (WoT) Thing Description," W3C Recommendation, Dec. 5, 2023. [Online]. Available: https://www.w3.org/TR/wot-thing- description11/
[15] World Wide Web Consortium (W3C), “Web of Things (WoT) Scripting API,” W3C Working Group Note, Oct. 3, 2023. [Online]. Available: https://www.w3.org/TR/2023/NOTE-wot-scripting-api-20231003/
[16] I. Zyrianoff, L. Gigli, F. Montori, C. Aguzzi, S. Kaebisch and M. Di Felice, "Seamless Integration of RESTful Web Services with the Web of Things," 2022 IEEE International Conference on Pervasive Computing and Communications Workshops and other Affiliated Events (PerCom Workshops), Pisa, Italy, 2022, pp. 427-432, doi: 10.1109/PerComWorkshops53856.2022.9767531.
[17] R. Sardar and T. Anees, "Web of Things: Security Challenges and Mechanisms," IEEE Access, vol. 9, pp. 31695-31711, 2021, doi: 10.1109/ACCESS.2021.3057655.
[18] J. A. Martins, A. Mazayev and N. Correia, "Hypermedia APIs for the Web of Things," IEEE Access, vol. 5, pp. 20058-20067, 2017, doi: 10.1109/ACCESS.2017.2755259.
[19] P. Philippaerts, D. Preuveneers and W. Joosen, "Revisiting OAuth 2.0 Compliance: A Two-Year Follow-Up Study," in 2023 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW), Delft, Netherlands, 2023, pp. 521-525, doi: 10.1109/EuroSPW59978.2023.00064.
[20] K. Dodanduwa and I. Kaluthanthri, "Role of Trust in OAuth 2.0 and OpenID Connect," in 2018 IEEE International Conference on Information and Automation for Sustainability (ICIAfS), Colombo, Sri Lanka, 2018, pp. 1-4, doi: 10.1109/ICIAFS.2018.8913384.
[21] S. Ahmed and Q. Mahmood, "An authentication based scheme for applications using JSON web token," in 2019 22nd International Multitopic Conference
91
(INMIC), Islamabad, Pakistan, 2019, pp. 1-6, doi:
10.1109/INMIC48123.2019.9022766
[22] Jánoky LV, Levendovszky J, Ekler P. An analysis on the revoking mechanisms
for JSON Web Tokens. International Journal of Distributed Sensor Networks.
2018;14(9). doi:10.1177/1550147718801535
[23] D. Guinard, V. Trifa and E. Wilde, "A resource oriented architecture for the Web
of Things," 2010 Internet of Things (IOT), Tokyo, Japan, 2010, pp. 1-8, doi:
10.1109/IOT.2010.5678452.
[24] F. Paganelli, S. Turchi and D. Giuli, "A Web of Things Framework for RESTful
Applications and Its Experimentation in a Smart City," IEEE Systems Journal,
vol. 10, no. 4, pp. 1412-1423, Dec. 2016, doi: 10.1109/JSYST.2014.2354835.
[25] C. Pautasso, O. Zimmermann, and F. Leymann, "Restful web services vs. 'big'
web services: Making the right architectural decision," in the 17th International
Conference on World Wide Web*, 2008, pp. 805-814
[26] L. Gao, C. Zhang, and L. Sun, "RESTful Web of Things API in Sharing Sensor
Data," in 2011 International Conference on Internet Technology and
Applications, Wuhan, China, 2011, pp. 1-4. doi: 10.1109/ITAP.2011.6006157.
[27] L. Cruz-Piris, D. Rivera and M. Vega-Barbas, "Methodology for massive
configuration of OAuth 2.0 tokens in large IoT scenarios," in 2020 16th International Conference on Intelligent Environments (IE), Madrid, Spain, 2020, pp. 5-12, doi: 10.1109/IE49459.2020.9154940
[28] P. Solapurkar, "Building secure healthcare services using OAuth 2.0 and JSON web token in IOT cloud scenario," in 2016 2nd International Conference on Contemporary Computing and Informatics (IC3I), Greater Noida, India, 2016, pp. 99-104, doi: 10.1109/IC3I.2016.7917942
[29] C. -F. Liao and W. Yi Ching, “Toward a CWMP and OAuth Compatible Operations Management Architecture for Smart Home Services” |
| Description: | 碩士
國立政治大學
資訊科學系
111753113 |
| Source URI: | http://thesis.lib.nccu.edu.tw/record/#G0111753113 |
| Data Type: | thesis |
| Appears in Collections: | [資訊科學系] 學位論文
|
Files in This Item:
| File |
Description |
Size | Format | |
|---|
| 311301.pdf | | 3762Kb | Adobe PDF | 0 | View/Open |
|
All items in 政大典藏 are protected by copyright, with all rights reserved.
|
