本論文藉由設計使用者認證與家庭信任檔案交換系統，提供使用者權限分級與跨家庭異地存取，並透過自行設計的新型態服務顯示本系統使用的虛擬化服務與子系統所架構的多編碼撥放環境。

提供一個基於UPnP環境的家庭管理系統，將家庭網路區分為信任網路，非信任網路與裝置網路。透過中央的Home Network Controller提供家庭服務的代理與家庭網路的管控。使用者藉由登入取得使用家庭服務的身分。透過網路管理達到裝置區分，以避免未授權檔案的交流。

HNC提供的服務方面主要分為Media Server與其他的虛擬代理服務。Media Server尋找裝置網路中的所有多媒體資源，透過管理者設定檔案的權限。當使用者存取時，透過檔案的權限，讓特定身分的使用者可以看到特定檔案。虛擬代理服務則是透過HNC針對裝置網路中的服務進行代理，透過HNC的管制，可以讓不同身分擁有存取不同的服務，裝置網路內的服務也可以透過此虛擬代理服務輕易的達到用戶管控。

與外部網路透過數位憑證的方式進行信任家庭的建立與判斷。建立信任家庭後，透過交換家庭中的信任檔案列表，再搭配NAT達到家庭檔案與外部網路進行分享的目的。信任的檔案列表中有包含各檔案的權限等級，所以使用者也只能看到一部分符合身份的內容。通過互信家庭後，可以利用互信家庭內使用者的身分進行登入，登入後將會看到本地端家庭的檔案，互信家庭檔案與漫遊用戶檔案，所有的檔案都只列出使用者身分可以觀看的部分。

最後設計支援眾多多媒體格式Mega Player，可與家庭系統結合，並提供使用者便利的影音使用與網路資訊搜尋的環境。

In this thesis , we design an user authentication and the family trust file exchange system, provide users with permission to cross-grade remote access to the family and ,through self-designed new types of services shows that the system can use virtualization services to provide services.

A UPnP-based home environment management system, will be divided into trust network home network, non-trusted networks and devices network. Home Network Controller (HNC) through the central agency to provide family services and network control. Users made use of by logging the identity of family services. Isolate between devices through the network management in order to prevent unauthorized file sharing.

HNC is divided into the services provided by Virtual Media Server and other proxy services. Media Server device in the network used to find out all the multimedia resources, and setting file permissions by the administrator. When a user accessed the service with no permission, he can only see specific files which notifies user to login. Virtual Agent service is installed by HNC for the services network proxy, through HNC's control, user with different identity access different services, installation services within the network through the virtual proxy service can easily reach users control.

The external network uses digital certificate to establish trust in the family and to judge. Confidence-building family, will exchange the trusted multimedia file list, and then reached files with a NAT network for external accessing. The list of trusted files that contain the file permission level, so the user can see only part of the compliance status of content . After the family through mutual trust, user can use roaming login to authenticate themselves, after login user will see the files, contrasted by the local files, trusted files and roaming user files.

Finally, we design a Mega Player which support many multimedia formats, it can be combined with the family system and provide users with convenient video and network information usage in the network environment.

[1] UPnP device architecture version 1.0.1. UPnP Forum, Dec. 2003.
[2] S. Lawrence. UPnP basic device definition version 1.0. UPnP Forum, Dec. 2002.
[3] S. Mittra. Iolus: a framework for scalable secure multicasting. In Proceedings of the Conference on Applications, Technologies, Architectures, and Protocols for Computer Communication, pages 277-288. ACM SIGCOMM, 1997.
[4] R. Molva and A. Pannetrat. Scalable multicast security with dynamic recipient groups. ACM Transactions on Information and System Security, 3(3):136{160, 2000.
[5] S. Rafaeli and D. Hutchison. A survey of key management for secure group communication. ACM Computing Surveys (CSUR), 35(3):309-329, 2003.
[6] M. Steiner, G. Tsudik, and M. Waidner. Diffie-Hellman key distribution extended to group communication. In CCS'96: Proceedings of the 3rd ACM conference on Computer and Communications Security, pages 31-37. ACM Press, 1996.
[7] P.L. Tsai, C.Y. Huang, Y.Y. Huang, C.C. Hsu, and C.L. Lei. A clustering and traffic-redistribution scheme for high-performance ipsec virtual private networks. In HiPC'05: Proceedings of the International Conference on High Performance Computing, LNCS 3769, pages 432-443. Springer, 2005.
[8] D. Wallner, E. Harder, and R. Agee. Key management for multicast: Issues and architectures. RFC 2627, June 1999.
[9] C. K. Wong, M. Gouda, and S. S. Lam. Secure group communications using key graphs. IEEE/ACM Trans-actions on Networking, 8(1):16-30, 2000.
[10] UPnP Forum, "Universal Plug and Play Device Architecture Version 1.0", http://www.upnp.org/resources/documents/CleanUPn-PDA101-20031202s.pdf, 2000.
[11] Satoshi Konno, "CyberLink for JAVA", http://www.cybergarage.org/net/upnp/java/index.html, 2004.
[12] S. Motegi, K. Tasaka, T. Niwat, H. Horiuchi, "Proposal on Wide area DLNA Communication System", IEICE Technical Report, vol. 107, no. 6, pp. 71-76, 2007.
[13] J. Beatty, G. Kakivaya, D. Kemp, "Web Services Dynamic Discovery (WS-Discovery) ", http://specs.xmlsoap.org/ws/2005/04/discovery/ws-discovery.pdf, 2005.
[14] Universal Plug and Play Device Architecture Reference Specification Version 1.0, Microsoft Corporation, June 2000, available to: http:/www.upnp.org.
[15] L.T Lee, W.A Shan, An Integrated Logical Structure-Based UPnP Architecture, July 2005
[16] 張建煌，黃國安,The Design of Group Management Mechanism for UPnP Network, June 2002
[17] Y .Bai and S. Chen, Design and Implementation of Home Intercom and Security Control Systems for Buildings.In Proceedings of ISCE 2007, Dallas, TX, USA, June 20–23, pp. 1–6. IEEE, New York.
[18] H. Lee and J. Kim , A Proxy-based Distributed Approach for Reliable Contents Sharing Among UPnP-enabled Home Networks. In Proceedings of PCM 2005, Jeju Island, Korea,November 11–13, pp. 443–454. Springer, Berlin.
[19] Y. Oh, H. Lee, The DLNA Proxy System Architecture for Sharing In-Home Media Contents via Internet. In Proceedings of ICACT 2006, Phoenix Park, Korea, February 19–22, pp. 1855–1858. IEEE, New York.
[20] S. Motegi,K. Tasaka, T. Niwat and H.Horiuchi, Proposal on Wide area DLNA Communication System. In Proceedings of CCNC 2008, Las Vegas, NV, USA, January 10–12, pp. 233–237. IEEE, New York.
[21] J.Kim, Y.Oh,H. Lee, Implementation of the DLNA proxy system for sharing home media contents. IEEE Trans. Consum. Electron., 53, 139–144.
[22] K.Hyuncheol ,J. Seong, Functional architecture of mobile gateway and home server for virtual home services. Adv. Intell. Comput., 3645, 781–790.
[23] V.Antonio,C. Fabrizio, UPnP Architecture for Distributed Video Voice over IP Applications. In Proceedings of CCNC 2007, Las Vegas, NV, USA, January 11–13, pp. 911–915. IEEE, New York.
[24] 蔡育儒、楊中皇，Live-CA：結合Java Card與PKI的憑證管理系統之設計與實現，TANET 2006台灣網際網路研討會，國立花蓮教育大學，2006年11月。
[25] Public Key Infrastructure ,http://www.opengroup.org/public/tech/security/pki/
[26] M. Handley, et al. “SIP: Session Initiation Protocol,” IETF RFC 2543, 1999
[27] K. Debique et al., “ContentDirectory:1 service template version 1.01,”2002.
[28] D. Kostic, A. Rodrigues, J. Albrecht, and A. Vahdat, “Using random subsets to build scalable network services,” in Proc. of USENIX Symposium on Internet Technologies and Systems, Mar. 2003.
[29] D. Kang, K. Kang, S. Choi, and J. Lee, “UPnP AV architecture multimedia system with a home gateway powered by the OSGi platform,” IEEE Transactions on Consumer Electronics, vol. 51, no. 1,2005.
[30] J. Walker, O.J. Morris, and B. Marusic, “Share It! - The architecture of a rights-manages network of peer-to-peer set-top-boxes,” in Proc. of EUROCON, 2003.
[31] X. Jiang, Y. Donh, D. Xu, and B. Ahargava, “Gnustream: A P2P media streaming system protype,” in Proc. of IEEE International Conference on Multimedia and Expo, July 2003.
[32] W. Jeon and K. Nahrstedt, “Peer-to-peer multimedia streaming and caching service,” in Proc. of ICME, 2002.
[33] X. Bai, Su. Liu, P. Zhang, and R. Kantola, ”ICN: Interest-based clustering network,” in Proc. of Fourth International Conference on Peer-to-Peer Computing, Aug. 2004.
[34] C. Bae, J. Yoo, K. Kang, Y. Choe, and J. Lee, “Home server for home digital service environments,” IEEE Transactions on Consumer Electronics, vol. 49, no. 4, 2003.
[35] UPnP Technology and Rich Media for the Digital Home, http://software.intel.com/en-us/articles/upnp-technology-and-rich-media-for-the-digital-home-part-1/
[36] Overview: Making PCs Easier to Set Up and Use, http://www.deviceforge.com/articles/AT9110123456.html