AccConF: An Access Control Framework for Leveraging In-Network Cached Data in the ICN-Enabled Wireless Edge

Misra, Satyajayant; Tourani, Reza; Natividad, Frank; Mick, Travis; Majd, Nahid Ebrahimi; Huang, Hong

doi:10.1109/tdsc.2017.2672991

Cited by 64 publications

(25 citation statements)

References 30 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…It also allow efficient revocation of the clients (without content re-encryption). A secure content delivery framework, which waives the necessity of an online authentication service was proposed by Misra et al [112], [113]. The framework uses the (n, t)-Shamir's secret sharing based broadcast encryption to enforce AC.…”

Section: A Encryption-based Access Controlmentioning

confidence: 99%

“…It compares the existing mechanisms on the basis of their overhead: communication and computation, and the entities that bear the computation burden. Client revocation method, ability of cache utilization, and the entities that enforce AC are other comparison features in Table X. In this section, we reviewed the existing research in ICN AC enforcement and specifically focused on models including broadcast encryption-based [112], [113], attribute-based [121]- [125], identity-based [126]- [128] session-based [114]- [116], proxy re-encryption-based [117]- [119], and others [130]- [134] models. Although almost all the proposed mechanisms introduce communication overhead, some of the proposed mechanisms [128], [130] require extensive interactions between an AC manager and other network entities in order to enforce access constraints.…”

Section: Summary and Future Directions In Access Controlmentioning

confidence: 99%

“…To truly exploit ICN's intrinsic provisions for content availability, an AC mechanism should refrain from using an always-online entity. The work by Misra et al [113] is the first attempt in this direction.…”

Section: Summary and Future Directions In Access Controlmentioning

confidence: 99%

See 2 more Smart Citations

Security, Privacy, and Access Control in Information-Centric Networking: A Survey

Tourani

Misra

Mick

et al. 2018

IEEE Commun. Surv. Tutorials

Self Cite

218

109

View full text Add to dashboard Cite

Information-Centric Networking (ICN) replaces the widely used host-centric networking paradigm in communication networks (e.g., Internet, mobile ad hoc networks) with an information-centric paradigm, which prioritizes the delivery of named content, oblivious of the contents' origin. Content and client security, provenance, and identity privacy are intrinsic in the ICN paradigm versus the current host centric paradigm where they have been instrumented as an after-thought. By design, the ICN paradigm inherently supports many security and privacy features, such as provenance and identity privacy, which are still not effectively available in the host-centric paradigm. However, given its nascency, the ICN paradigm has several open security and privacy concerns. In this article, we survey the existing literature in security and privacy in ICN and present open questions. More specifically, we explore three broad areas: security threats, privacy risks, and access control enforcement mechanisms.We present the underlying principle of the existing works, discuss the drawbacks of the proposed approaches, and explore potential future research directions. In security, we review attack scenarios, such as denial of service, cache pollution, and content poisoning. In privacy, we discuss user privacy and anonymity, name and signature privacy, and content privacy. ICN's feature of ubiquitous caching introduces a major challenge for access control enforcement that requires special attention. We review existing access control mechanisms including encryption-based, attributebased, session-based, and proxy re-encryption-based access control schemes. We conclude the survey with lessons learned and scope for future work.

show abstract

Section: A Encryption-based Access Controlmentioning

confidence: 99%

Section: Summary and Future Directions In Access Controlmentioning

confidence: 99%

See 1 more Smart Citation

Security, Privacy, and Access Control in Information-Centric Networking: A Survey

Tourani

Misra

Mick

et al. 2018

IEEE Commun. Surv. Tutorials

Self Cite

218

109

View full text Add to dashboard Cite

show abstract

“…In earlier work [13], the authors proposed a content access control scheme for ICN enabled wireless edge. The proposed one is an extension of [14], which employs the public-key based algorithm and shamir's secret sharing as a building block, named AccConF.…”

Section: Related Workmentioning

confidence: 99%

Secure Distribution of Protected Content in Information-Centric Networking

Bilal

Pack

2020

IEEE Systems Journal

View full text Add to dashboard Cite

The benefits of the ubiquitous caching in ICN are profound, such features make ICN promising for content distribution, but it also introduces a challenge to content protection against the unauthorized access. The protection of a content against unauthorized access requires consumer authentication and involves the conventional end-to-end encryption. However, in information-centric networking (ICN), such end-to-end encryption makes the content caching ineffective since encrypted contents stored in a cache are useless for any consumers except those who know the encryption key. For effective caching of encrypted contents in ICN, we propose a secure distribution of protected content (SDPC) scheme, which ensures that only authenticated consumers can access the content. SDPC is lightweight and allows consumers to verify the originality of the published content by using a symmetric key encryption. SDPC also provides protection against privacy leakage. The security of SDPC was proved with the BAN logic and Scyther tool verification, and simulation results show that SDPC can reduce the content download delay.

show abstract

“…Misra et al proposed an access control mechanism that uses the ( n , t )‐Shamir's secret sharing‐based broadcast encryption. In this mechanism, the content producer divides the content key, a symmetric key, into ( n + t ) blocks and distributes n of them to n authorized users as their client share, remains the rest of t blocks in its enable block.…”

Section: Access Control In Ndnmentioning

confidence: 99%

An edge re‐encryption‐based access control mechanism in NDN

Zhu

Huang

Tao

et al. 2019

Trans Emerging Tel Tech

View full text Add to dashboard Cite

Content privacy is one of the key issues in named data networking. Implementing content access control by encrypting the content key with the user's public key is the major method currently. However, this method brings extra retrieving delay because the user needs to obtain the encrypted key from the producer after requesting data packet. Focusing on this problem, this paper proposes an edge re‐encryption‐based access control (ERE‐AC), in which the content is encrypted using a symmetric key, and the content key will be encrypted twice by the producer and edge router. Using edge re‐encryption, only the authorized user can decrypt the re‐encrypted content key with its own private key and thus obtaining the plaintext of content. This mechanism makes the encrypted content and content key stored in the network that are available for all users. It achieves two advantages, one is that the user does not need to fetch content key from the producer and can shorten the retrieving time; another is that no replica redundancy exists in the network. The simulation results of ndnSIM show that compared with encryption and probability‐based access control model, ERE‐AC can effectively shorten the content retrieving delay while slightly increasing the hit rate.

show abstract

AccConF: An Access Control Framework for Leveraging In-Network Cached Data in the ICN-Enabled Wireless Edge

Cited by 64 publications

References 30 publications

Security, Privacy, and Access Control in Information-Centric Networking: A Survey

Security, Privacy, and Access Control in Information-Centric Networking: A Survey

Secure Distribution of Protected Content in Information-Centric Networking

An edge re‐encryption‐based access control mechanism in NDN

Contact Info

Product

Resources

About