Achieving secure and scalable data access control in information-centric networking

Zheng, Qingji; Wang, Guoqiang; Ravindran, Ravishankar; Azgin, Aytac

doi:10.1109/icc.2015.7249177

Cited by 19 publications

(11 citation statements)

References 19 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…It compares the existing mechanisms on the basis of their overhead: communication and computation, and the entities that bear the computation burden. Client revocation method, ability of cache utilization, and the entities that enforce AC are other comparison features in Table X. In this section, we reviewed the existing research in ICN AC enforcement and specifically focused on models including broadcast encryption-based [112], [113], attribute-based [121]- [125], identity-based [126]- [128] session-based [114]- [116], proxy re-encryption-based [117]- [119], and others [130]- [134] models. Although almost all the proposed mechanisms introduce communication overhead, some of the proposed mechanisms [128], [130] require extensive interactions between an AC manager and other network entities in order to enforce access constraints.…”

Section: Summary and Future Directions In Access Controlmentioning

confidence: 99%

“…Although we believe that the latter approach is more acceptable, as it imposes less complexity, efficient access revocation is a key design factor for scalable AC in ICNs. Some of the proposed mechanisms [114], [119], [120], [124], [127], [130], [131], [133] require the network (routers) to enforce AC and authenticate clients. The fact that the intermediate routers have to perform authentication procedure undermines the scalability of these mechanisms.…”

Section: Summary and Future Directions In Access Controlmentioning

confidence: 99%

See 1 more Smart Citation

Security, Privacy, and Access Control in Information-Centric Networking: A Survey

Tourani

Misra

Mick

et al. 2018

IEEE Commun. Surv. Tutorials

218

109

View full text Add to dashboard Cite

Information-Centric Networking (ICN) replaces the widely used host-centric networking paradigm in communication networks (e.g., Internet, mobile ad hoc networks) with an information-centric paradigm, which prioritizes the delivery of named content, oblivious of the contents' origin. Content and client security, provenance, and identity privacy are intrinsic in the ICN paradigm versus the current host centric paradigm where they have been instrumented as an after-thought. By design, the ICN paradigm inherently supports many security and privacy features, such as provenance and identity privacy, which are still not effectively available in the host-centric paradigm. However, given its nascency, the ICN paradigm has several open security and privacy concerns. In this article, we survey the existing literature in security and privacy in ICN and present open questions. More specifically, we explore three broad areas: security threats, privacy risks, and access control enforcement mechanisms.We present the underlying principle of the existing works, discuss the drawbacks of the proposed approaches, and explore potential future research directions. In security, we review attack scenarios, such as denial of service, cache pollution, and content poisoning. In privacy, we discuss user privacy and anonymity, name and signature privacy, and content privacy. ICN's feature of ubiquitous caching introduces a major challenge for access control enforcement that requires special attention. We review existing access control mechanisms including encryption-based, attributebased, session-based, and proxy re-encryption-based access control schemes. We conclude the survey with lessons learned and scope for future work.

show abstract

Section: Summary and Future Directions In Access Controlmentioning

confidence: 99%

Section: Summary and Future Directions In Access Controlmentioning

confidence: 99%

Security, Privacy, and Access Control in Information-Centric Networking: A Survey

Tourani

Misra

Mick

et al. 2018

IEEE Commun. Surv. Tutorials

218

109

View full text Add to dashboard Cite

show abstract

“…In other work [16], author proposed a content access control scheme based on proxy re-encryption. In proxy reencryption the content is re-encrypted by an intermediate node.…”

Section: Related Workmentioning

confidence: 99%

“…The logic belief proves that N i is confident and believes that K i S is issued by M ; moreover, the freshness of the key from (16) also suggests that M is alive and running the protocol with N i . Further, from (15), (16) and (17), N i has guaranteed that M has been running the protocol, apparently with N i and P j . This also proves that M and N i are also agree on the nonce values corresponding to all the nonce in M4.…”

Section: (X) Ymentioning

confidence: 99%

Secure Distribution of Protected Content in Information-Centric Networking

Bilal

Pack

2020

IEEE Systems Journal

View full text Add to dashboard Cite

The benefits of the ubiquitous caching in ICN are profound, such features make ICN promising for content distribution, but it also introduces a challenge to content protection against the unauthorized access. The protection of a content against unauthorized access requires consumer authentication and involves the conventional end-to-end encryption. However, in information-centric networking (ICN), such end-to-end encryption makes the content caching ineffective since encrypted contents stored in a cache are useless for any consumers except those who know the encryption key. For effective caching of encrypted contents in ICN, we propose a secure distribution of protected content (SDPC) scheme, which ensures that only authenticated consumers can access the content. SDPC is lightweight and allows consumers to verify the originality of the published content by using a symmetric key encryption. SDPC also provides protection against privacy leakage. The security of SDPC was proved with the BAN logic and Scyther tool verification, and simulation results show that SDPC can reduce the content download delay.

show abstract

“…The proposed solution uses a single P KG. This solution is used in an ICN context by Wood and Uzun [22] to implement a DRM-like solution for the CCN architecture as well as by Zheng et al [24] to implement an access control mechanism for ICN. Our work extends these previous works by considering userspecific P KGs.…”

Section: Related Workmentioning

confidence: 99%

Securing Content Sharing over ICN

Fotiou¹,

Polyzos²

2016

Proceedings of the 3rd ACM Conference on Information-Centric Networking

View full text Add to dashboard Cite

The emerging Information-Centric Networking (ICN) paradigm is expected to facilitate content sharing among users. ICN will make it easy for users to appoint storage nodes, in various network locations, perhaps owned or controlled by them, where shared content can be stored and disseminated from. These storage nodes should be (somewhat) trusted since not only they have (some level of) access to user shared content, but they should also properly enforce access control. Traditional forms of encryption introduce significant overhead when it comes to sharing content with large and dynamic groups of users. To this end, proxy re-encryption provides a convenient solution. In this paper, we use Identity-Based Proxy Re-Encryption (IB-PRE) to provide confidentiality and access control for content items shared over ICN, realizing secure content distribution among dynamic sets of users. In contrast to similar IB-PRE based solutions, our design allows each user to generate the system parameters and the secret keys required by the underlay encryption scheme using their own Private Key Generator, therefore, our approach does not suffer from the key escrow problem. Moreover, our design further relaxes the trust requirements on the storage nodes by preventing them from sharing usable content with unauthorized users. Finally, our scheme does not require out-of-band secret key distribution.

show abstract

Achieving secure and scalable data access control in information-centric networking

Cited by 19 publications

References 19 publications

Security, Privacy, and Access Control in Information-Centric Networking: A Survey

Security, Privacy, and Access Control in Information-Centric Networking: A Survey

Secure Distribution of Protected Content in Information-Centric Networking

Securing Content Sharing over ICN

Contact Info

Product

Resources

About