DACPI: A decentralized access control protocol for information centric networking

AbdAllah, Eslam G.; Zulkernine, Mohammad; Hassanein, Hossam S.

doi:10.1109/icc.2016.7511198

Cited by 17 publications

(9 citation statements)

References 9 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…We evaluate ECAC in various scenarios and under different request rates and number of attackers with respect to the number of legitimate users. We measure ICN performance metrics in the presence of and without ECAC, a representative of DACPI, and a representative of centralized access control mechanism (Access Control Enforcement Delegation, ACED) . Our results show that the ECAC requires less overhead than the DACPI in terms of ICN request access time delay and almost achieves results similar to the centralized ACED.…”

Section: Introductionmentioning

confidence: 92%

“…Existing access control mechanisms cannot be applied directly to ICN architectures because of the following three reasons: ICN supports in‐network caching, ICN requests do not have any user identification information, and ICN does not depend on IP addresses. Also, existing access control mechanisms fail to address the following attributes of a “good” access control mechanism: (1) reduce unnecessary communication overhead, (2) eliminate modifications to ICN architectures, (3) minimize the exchange of secret keys, (4) do not require large number of extra operations for access control, (5) prevent access control attacks, (6) preserve the privacy of ICN users, (7) ensure the integrity of the retrieved content, and (8) can be applied with different ICN naming schemes (self‐certifying and hierarchical) …”

Section: Introductionmentioning

confidence: 99%

“…More discussions about related work and generic centralized and decentralized access control mechanisms can be found in our earlier conference paper …”

mentioning

confidence: 99%

See 2 more Smart Citations

Preventing unauthorized access in information centric networking

AbdAllah

Zulkernine

Hassanein

2018

Security and Privacy

Self Cite

View full text Add to dashboard Cite

The increasing traffic volume and new requirements of highly scalable and efficient distribution of contents exceed the capabilities of the current Internet architecture. Information centric networking (ICN) is a new communication paradigm for the next generation internet (NGI), which focuses mainly on contents. ICN has in-network caching capability, which enables any node to cache any content coming from any publisher. ICN subscribers are able to access contents from different distributed locations. This capability maximizes the problem of unauthorized access to ICN contents. In this paper, we propose a decentralized elliptic curve-based access control (ECAC) protocol for ICN architectures. In this protocol, fewer public messages are needed for access control enforcement between ICN subscribers and ICN nodes than the existing access control protocols. ECAC protocol depends on ICN self-certifying naming scheme. We perform security analysis on ECAC for the following attacks: man-in-the-middle, forward security, replay attacks, integrity, and privacy violations. We also evaluate communication, computational, and storage overhead for performance analysis to ECAC. Based on our results that are obtained under various scenarios, ECAC efficiently prevents unauthorized access to ICN contents. KEYWORDS access control, elliptic curve cryptography, information centric networking, unauthorized access attacks INTRODUCTIONThe Internet is changing from Internet of hosts to Internet of things, Internet of media, Internet of service, and Internet of people. These new Internets require highly scalable and efficient contents distribution. Information centric networking (ICN) is one of the alternatives for these new Internets. The number of objects in ICN is expected to be several orders of magnitude higher than the number of nodes in current Internet architectures. According to Cisco Visual Networking Index, there will be almost 4.1 billion Internet users and 26.3 billion network devices and connections globally, the average fixed broadband connection speed will increase to 47.7 Mbps, and IP video will represent 82% of all traffic by 2020. 38 Different architectures have been proposed for ICN such as data oriented network architecture (DONA), network of information (NetInf), named data networking (NDN), and publish subscribe internet technology (PURSUIT). 39 All ICN architectures have some commonly shared concepts, which can be classified as follows: information object, naming, routing, caching, security, and application programming interface. [40][41][42][43][44][45][46] In-network caching is a major attribute of ICN, which allows any node to cache any content. This attribute is one of the major differences between ICN and non-ICN architectures. In the current Internet architectures, contents are stored at specific points, which simplifies the access control mechanisms. Network security administrator can deploy their security modules More discussions about related work and generic centralized and decentralized access control mecha...

show abstract

Section: Introductionmentioning

confidence: 92%

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Preventing unauthorized access in information centric networking

AbdAllah

Zulkernine

Hassanein

2018

Security and Privacy

Self Cite

View full text Add to dashboard Cite

show abstract

“…This makes auditing difficult. Abdallah et al [34] made use of the Diffie-Hellman (DH) protocol in the process of content publishing to achieve decentralized access control. The content, its name, and metadata are sent to the ICN, while only the content name is published.…”

Section: Access Control Schemes For Icnmentioning

confidence: 99%

A Proxy Re-Encryption Approach to Secure Data Sharing in the Internet of Things Based on Blockchain

Agyekum

Xia

Sifah

et al. 2022

IEEE Systems Journal

View full text Add to dashboard Cite

The evolution of the Internet of Things has seen data sharing as one of its most useful applications in cloud computing. As eye-catching as this technology has been, data security remains one of the obstacles it faces since the wrongful use of data leads to several damages. In this article, we propose a proxy re-encryption approach to secure data sharing in cloud environments. Data owners can outsource their encrypted data to the cloud using identity-based encryption, while proxy re-encryption construction will grant legitimate users access to the data. With the Internet of Things devices being resource-constrained, an edge device acts as a proxy server to handle intensive computations. Also, we make use of the features of information-centric networking to deliver cached content in the proxy effectively, thus improving the quality of service and making good use of the network bandwidth. Further, our system model is based on blockchain, a disruptive technology that enables decentralization in data sharing. It mitigates the bottlenecks in centralized systems and achieves fine-grained access control to data. The security analysis and evaluation of our scheme show the promise of our approach in ensuring data confidentiality, integrity, and security.

show abstract

“…Interest flooding. [27,28,29,30,31] Few authors have tried to analyze these kind of threats in ICN along with various network instabilities. According to their analysis they are able to show that a strong coupling between control and data plane can be misused in various ways.…”

Section: ) Traffic Filtering and Aggregationmentioning

confidence: 99%

A Role of Routing, Transport and Security Mechanisms in Information Centric Network

2019

ijrte

View full text Add to dashboard Cite

Legacy networks which were discovered in 1970’s suited better for olden day’s communication model where the network is host centric, but nowadays expectations from communication networks is changing and it is shifting from host centric to data centric. To suit recent expectations there is need of revolution in communication networks; Information Centric Network (ICN) is a new kind of network architecture evolving for future internet. This article introduces ICN and its prominent features and reviews the work done post architectural approaches in the areas of routing, transport and security specifically.

show abstract

DACPI: A decentralized access control protocol for information centric networking

Cited by 17 publications

References 9 publications

Preventing unauthorized access in information centric networking

Preventing unauthorized access in information centric networking

A Proxy Re-Encryption Approach to Secure Data Sharing in the Internet of Things Based on Blockchain

A Role of Routing, Transport and Security Mechanisms in Information Centric Network

Contact Info

Product

Resources

About