As the Internet struggles to cope with scalability, mobility, and security issues, new network architectures are being proposed to better accommodate the needs of modern systems and applications. In particular, Content-Oriented Networking (CON) has emerged as a promising next-generation Internet architecture: it sets to decouple content from hosts, at the network layer, by naming data rather than hosts. CON comes with a potential for a wide range of benefits, including reduced congestion and improved delivery speed by means of content caching, simpler configuration of network devices, and security at the data level. However, it remains an interesting open question whether or not, and to what extent, this emerging networking paradigm bears new privacy challenges. In this paper, we provide a systematic privacy analysis of CON and the common building blocks among its various architectural instances in order to highlight emerging privacy threats, and analyze a few potential countermeasures. Finally, we present a comparison between CON and today's Internet in the context of a few privacy concepts, such as, anonymity, censoring, traceability, and confidentiality.Further, endpoint authentication mechanisms (whereby an endpoint can only authenticate the counterpart, but not the message) have been challenged by frequent attacks against SSL [34,42] and the hacking of certification authorities [46]. Also, the Internet today often struggles with mobility and resilience to disruption. Transport layer is, by design, unable to manage mobile parties and addon features -e.g., Mobile IPv6 (MIPv6) and Hierarchical MIPv6 [19] -have been suggested, albeit suffering from handoff latency and packet losses [26].Motivated by these issues, new architectures have been proposed, in the last few years, aiming to redesign the Internet (see, e.g., NSF's Future Internet Architecture multi-million program [57]), and accommodate content-oriented applications. In particular, Content-Oriented Networking (CON) [22] has set to decouple contents from hosts, at the network layer, by relying on the publish/subscribe paradigm. CON shifts identification from host to content, so that this can be located anywhere in the network. The content-centric communication paradigm introduced by CON relies on naming the content itself, rather than its location, and thus radically changes the way data is handled. Content is selfcontained, has a unique name, can be retrieved by means of an interest for that name, cached in any arbitrary location, and digitally signed to ensure its integrity and authenticity.
