In content-based security, encrypted content as well as wrapped access keys are made freely available by an Information Centric Network: Only those clients which are able to unwrap the encryption key can access the protected content. In this paper we extend this model to computation chains where derived data (e.g. produced by a Named Function Network) also has to comply to the content-based security approach. A central problem to solve is the synchronized ondemand publishing of encrypted results and wrapped keys as well as defining the set of consumers which are authorized to access the derived data. In this paper we introduce "contentattendant policies" and report on a running prototype that demonstrates how to enforce data owner-defined access control policies despite fully decentralized and arbitrarily long computation chains. CCS Concepts •Networks → Network protocol design; •Security and privacy → Security protocols;
In classic ICN where delivery of named data cannot be guarded, access control is usually implemented by rst encrypting the data and secondly by providing the corresponding data encryption keys (DEKs) to authorized users only: Authorized users will obtain DEKs in encrypted form, wrapped with their public key. This approach has three shortcomings which we address in this paper. (a) Key management is tedious if it has to be done on a per-principle basis, (b) access granularity for single documents should be extended to document collections (e.g. namespace sub-trees) and data cubes (sub-elements within data records), (c) there needs to be support for access right propagation across data aggregation and derivation chains. CCS CONCEPTS • Security and privacy → Access control; Management and querying of encrypted data; • Networks → In-network processing;
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.