On preserving privacy in content-oriented networks

Arianfar, Somaya; Koponen, Teemu; Raghavan, Barath; Shenker, Scott

doi:10.1145/2018584.2018589

Cited by 76 publications

(50 citation statements)

References 34 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The security of clean-slate Internet designs is extensively discussed in the literature [29], [30]. Some features proposed in these designs are similar to LIVE.…”

Section: Related Workmentioning

confidence: 99%

“…They only consider integrity verification by users by leveraging traditional public-key cryptography. Arianfar et al [29] leverage cooperation between CPs, and use unrelated contents, called "cover" contents, to mix sensitive contents. Although the approach eliminates the computation overhead incurred by cryptographic operations, it requires CPs to cooperate and store a large volume of "cover" contents, which may introduce heavy communication overheads between CPs.…”

Section: Related Workmentioning

confidence: 99%

See 1 more Smart Citation

LIVE: Lightweight Integrity Verification and Content Access Control for Named Data Networking

Zhang

Zheng

et al. 2015

IEEE Trans.Inform.Forensic Secur.

View full text Add to dashboard Cite

Named data networking (NDN) is a new paradigm for the future Internet wherein interest and data packets carry content names rather than the current IP paradigm of source and destination addresses. Security is built into NDN by embedding a public key signature in each data packet to enable verification of authenticity and integrity of the content. However, existing heavyweight signature generation and verification algorithms prevent universal integrity verification among NDN nodes, which may result in content pollution and denial of service attacks. Furthermore, caching and location-independent content access disables the capability of a content provider to control content access, e.g., who can cache a content and which end user or device can access it. We propose a lightweight integrity verification (LIVE) architecture, an extension to the NDN protocol, to address these two issues seamlessly. LIVE enables universal content signature verification in NDN with lightweight signature generation and verification algorithms. Furthermore, it allows a content provider to control content access in NDN nodes by selectively distributing integrity verification tokens to authorized nodes. We evaluate the effectiveness of LIVE with open source CCNx project. Our paper shows that LIVE only incurs average 10% delay in accessing contents. Compared with traditional public key signature schemes, the verification delay is reduced by over 20 times in LIVE.

show abstract

“…The security of clean-slate Internet designs is extensively discussed in the literature [29], [30]. Some features proposed in these designs are similar to LIVE.…”

Section: Related Workmentioning

confidence: 99%

Section: Related Workmentioning

confidence: 99%

LIVE: Lightweight Integrity Verification and Content Access Control for Named Data Networking

Zhang

Zheng

et al. 2015

IEEE Trans.Inform.Forensic Secur.

View full text Add to dashboard Cite

show abstract

“…Concerning the security threats in a CCN network, the available literature mainly covers privacy, data authentication, and data integrity issues. For example, [15] addresses the privacy problem deriving from the stateful operation of CCN routers, while data authentication and integrity have been considered since the seminal CCN papers [7,8]. Instead, a comprehensive study of the possible PIT overload issue deriving from a DDoS attack is missing.…”

Section: Related Workmentioning

confidence: 99%

PIT overload analysis in content centric networks

Virgilio

Marchetto

Sisto

2013

Proceedings of the 3rd ACM SIGCOMM Workshop on Information-Centric Networking

View full text Add to dashboard Cite

Content Centric Networking represents a paradigm shift in the evolution and definition of modern network protocols. Many research efforts have been made with the purpose of proving the feasibility and the scalability of this proposal. Our main contribution is to provide an analysis of the Pending Interest Table memory requirements in real deployment scenarios, especially considering the impact of distributed denial of service attacks. In fact, the state that the protocol maintains for each resource request makes the routers more prone to resources exhaustion issues than in traditional stateless solutions. Our results are derived by using a full custom simulator and considering the different node architectures that have been proposed as valid reference models. The main outcomes point out differentiated weaknesses in each architecture we investigated and underline the need for improvements in terms of security and scalability.

show abstract

“…CCN and NDN define an open framework built upon not only name-oriented networking but also many other key building blocks. There are numerous lines of work in the CCN/NDN framework, just to name a few, naming and name resolution (e.g., [7], [8]), data transfer (e.g., [9]), flow and traffic control (e.g., [10]), caching (e.g., [11]- [13]), routing and router design (e.g., [14]- [19]), mobile and ad hoc networks (e.g., [20], [21]), privacy (e.g., [22], [23]), and applications (e.g., [24], [25]). Among these efforts, the line of work on routing (e.g., [14]- [18], [20], [21]) is the most relevant to our studies.…”

Section: Joint Impacts Of Cs Size and Fib Sizementioning

confidence: 99%

Scale content centric networks via reactive routing

Xie

Yang

Wang

2013

2013 IEEE International Conference on Communications (ICC)

View full text Add to dashboard Cite

Name-based routing in content-centric networks leads to a paradigm shift from a host-to-host to a host-to-content communication model. However, name-based routing faces many challenges. In this paper, we mainly focus on the scalability challenge and address it via a hybrid, reactive routing approach, where we augment the content-centric networking design with an Infrastructure Information Base (IIB) to reap the benefits of both name-based and infrastructure-based routing. Our preliminary evaluations demonstrate that the hybrid reactive routing approach can significantly improve the network scalability by reducing the number of broadcast packets by 2-3 orders of magnitude while maintaining the same level of user experiences.

show abstract

On preserving privacy in content-oriented networks

Cited by 76 publications

References 34 publications

LIVE: Lightweight Integrity Verification and Content Access Control for Named Data Networking

LIVE: Lightweight Integrity Verification and Content Access Control for Named Data Networking

PIT overload analysis in content centric networks

Scale content centric networks via reactive routing

Contact Info

Product

Resources

About