A Framework for Privacy Analysis of ICN Architectures

Fotiou, Nikos; Arianfar, Somaya; Särelä, Mikko; Polyzos, George C.

doi:10.1007/978-3-319-06749-0_8

Cited by 11 publications

(11 citation statements)

References 12 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Similarly, gathering enough content delivered to a user can be used to profile and uniquely identify her. Malicious ICN nodes could also prevent the delivery of contents related to given topics in order to censor a certain type of information [21].…”

Section: Privacy Issues In Icnmentioning

confidence: 99%

PrivICN: Privacy-preserving content retrieval in information-centric networking

Bernardini¹,

Marchal

Asghar

et al. 2019

Computer Networks

View full text Add to dashboard Cite

Information-Centric Networking (ICN) has emerged as a paradigm to cope with the increasing demand for content delivery on the Internet. In contrast to the Internet Protocol (IP), the underlying architecture of ICN enables users to request contents based on their name rather than their hosting location (IP address). On the one hand, this preserves users' anonymity since packet routing does not require source and destination addresses of the communication parties. On the other hand, semantically-rich names reveal information about users' interests, which poses serious threats to their privacy.A curious ICN node can monitor the traffic to profile users or censor specific contents for instance. In this paper, we present PrivICN: a system to preserve the confidentiality of content names and contents in ICN and protect users' privacy. PrivICN relies on a proxy encryption scheme and has several features that distinguish it from existing solutions: it preserves full in-network caching benefits, it does not require end-to-end communication between clients and providers, it is scalable and provides flexible user management (addition/removal of users). We evaluate PrivICN in a real ICN network (CCNx implementation) showing that it introduces an acceptable overhead and little delay. PrivICN is publicly available as an open-source library.

show abstract

Section: Privacy Issues In Icnmentioning

confidence: 99%

PrivICN: Privacy-preserving content retrieval in information-centric networking

Bernardini¹,

Marchal

Asghar

et al. 2019

Computer Networks

View full text Add to dashboard Cite

show abstract

“…To reduce privacy overhead, privacy-enhancement middleware, such as anonymous and mixing proxies, will be considered, rather than end-to-end encryption schemes. Finally, a framework for the privacy analysis of ICN architectures is being developed [16] to provide a structured analysis of the issue.…”

Section: E Privacy Support In Icnmentioning

confidence: 99%

I-CAN: Information-centric future mobile and wireless access networks

Polyzos

Siris

Xylomenos

et al. 2014

10th International Conference on Heterogeneous Networking for Quality, Reliability, Security and Robustness

Self Cite

View full text Add to dashboard Cite

show abstract

“…Fotiou et al [18] propose the use of ICN architectures as input for a privacy analysis. An ICN network consists of data owners (which are in control of the data, and hence map to 'controller'), consumers (which correspond with 'recipients'), storage nodes (which correspond with 'data sources'), resolvers (which correspond with 'processes'), and two information containers: data flows and data pools.…”

Section: Architectural Approachesmentioning

confidence: 99%

A comparison of system description models for data protection by design

Dewitte

Wuyts

Sion

et al. 2019

Proceedings of the 34th ACM/SIGAPP Symposium on Applied Computing

View full text Add to dashboard Cite

Since the General Data Protection Regulation (GDPR) entered into force, every actor involved in the processing of personal data must comply with Data Protection by Design (DPbD). Doing so requires assessing the risks to data subjects' rights and freedoms and implementing appropriate countermeasures. While legal experts traditionally apply Data Protection Impact Assessments (DPIA), software engineers rely on threat modeling for their assessment. Despite significant differences, both approaches nonetheless revolve around (i) a description of the system and (ii) the identification, assessment and mitigation of specific risks. In practice, however, DPIAs and threat modeling are usually performed in complete isolation, following their own, unharmonized lexicon and abstractions. Such as disconnect lowers the quality of the assessment and of the conceptual and architectural trade-offsIn this paper, we present (i) an overview of the legal and architectural modeling requirements and (ii) incentives and recommendations for aligning both modeling paradigms in order to support data protection by design from both a legal and a technical perspective. CCS CONCEPTS• Social and professional topics → Governmental regulations; • Software and its engineering → Architecture description languages; System modeling languages; • Security and privacy → Security requirements; Software security engineering;

show abstract

A Framework for Privacy Analysis of ICN Architectures

Cited by 11 publications

References 12 publications

PrivICN: Privacy-preserving content retrieval in information-centric networking

PrivICN: Privacy-preserving content retrieval in information-centric networking

I-CAN: Information-centric future mobile and wireless access networks

A comparison of system description models for data protection by design

Contact Info

Product

Resources

About