In-Device Proxy Re-encryption Service for Information-Centric Networking Access Control

“…We pay attention to the schemes [ 30 , 31 , 32 , 33 ] having the similar features as our proposed scheme, i.e., use of hybrid encryption, no need of trusted third party, and effective use of in-network caching mechanism. We compare our scheme with the schemes with respect to the various factors associated with the encryption-based access control in NDN, as described in Table 4 .…”

“…Although, the scheme [ 31 ], provides the cache awareness in the same level as our work, it incurs higher storage and computational burden in the network since it needs to store the key management tables at the edge router. When an interest request arrives, it needs to check against both tables for further message flows and key management operations.…”

“…Furthermore, the computational time for the router is smaller than the content producer since the router only needs to forward and reply the packets without any computation. Thus, the consumer and the router in our scheme are free from high computational overhead compared to [ 31 , 32 , 33 ] and similar to [ 30 ], as shown in Table 4 .…”

“…Although all other schemes [ 30 , 31 , 32 , 33 ] fulfill the usage of in-network caching in parallel, our scheme provides content retrieval time reduction with 10% to 25% for cached content since the encrypted content is available for all consumers from the router’s cache and only key re-encryption is required at the edge router. To sum up, ES_CD provides comparable properties for content confidentiality with others schemes and guarantees effective cache utilization for every content.…”

“…Even NDN packets do not contain any information about the source host where they were originally sent; contents security and privacy are still needed. Different cryptographic approaches have been explored in access control solutions for NDN, such as attribute-based encryption, broadcast encryption [ 32 , 33 ], role-based encryption, identity-based encryption [ 30 , 34 ], proxy re-encryption [ 31 , 35 , 36 ], and so on [ 7 , 37 , 38 ]. These approaches are examined below.…”

Secure Content Distribution with Access Control Enforcement in Named Data Networking

“…We pay attention to the schemes [ 30 , 31 , 32 , 33 ] having the similar features as our proposed scheme, i.e., use of hybrid encryption, no need of trusted third party, and effective use of in-network caching mechanism. We compare our scheme with the schemes with respect to the various factors associated with the encryption-based access control in NDN, as described in Table 4 .…”

“…Although, the scheme [ 31 ], provides the cache awareness in the same level as our work, it incurs higher storage and computational burden in the network since it needs to store the key management tables at the edge router. When an interest request arrives, it needs to check against both tables for further message flows and key management operations.…”

“…Furthermore, the computational time for the router is smaller than the content producer since the router only needs to forward and reply the packets without any computation. Thus, the consumer and the router in our scheme are free from high computational overhead compared to [ 31 , 32 , 33 ] and similar to [ 30 ], as shown in Table 4 .…”

“…Although all other schemes [ 30 , 31 , 32 , 33 ] fulfill the usage of in-network caching in parallel, our scheme provides content retrieval time reduction with 10% to 25% for cached content since the encrypted content is available for all consumers from the router’s cache and only key re-encryption is required at the edge router. To sum up, ES_CD provides comparable properties for content confidentiality with others schemes and guarantees effective cache utilization for every content.…”

“…Even NDN packets do not contain any information about the source host where they were originally sent; contents security and privacy are still needed. Different cryptographic approaches have been explored in access control solutions for NDN, such as attribute-based encryption, broadcast encryption [ 32 , 33 ], role-based encryption, identity-based encryption [ 30 , 34 ], proxy re-encryption [ 31 , 35 , 36 ], and so on [ 7 , 37 , 38 ]. These approaches are examined below.…”

Secure Content Distribution with Access Control Enforcement in Named Data Networking

An Accountable Access Control Scheme for Hierarchical Content in Named Data Networks with Revocation

Modelling of Resource-Aware Information Flows for Resource Constraint IoT Devices