Optimized access control enforcement over encrypted content in information-centric networks

Mannes, Elisa; Maziero, Carlos; Lassance, Luiz Carlos; Borges, Fábio

doi:10.1109/iscc.2015.7405632

Cited by 10 publications

(9 citation statements)

References 21 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Owing to replication of contents across the network, in ICN this assumption has minor effect. Still, for the additional proof of the strength of the SDPC protocol suite, we implemented SDPC, EU-RE [18], and MCAC [17] in an automated security protocol analysis tool, Scyther [21]. We considered four claims: 1) aliveness, 2) weak agreement, 3) non-injective agreement, and 4) non-injective synchronization [20].…”

Section: G Scyther Implementation Resultsmentioning

confidence: 99%

“…In another study [18], the authors presented an access control scheme for the encrypted content in ICN, which is based on the efficient unidirectional proxy re-encryption (EU-PRE) proposed by [19]. The proposed scheme, named efficient unidirectional re-encryption (EU-RE), simplifies EU-PRE by eliminating the need of proxies in the re-encryption operation.…”

Section: Related Workmentioning

confidence: 99%

See 1 more Smart Citation

Secure Distribution of Protected Content in Information-Centric Networking

Bilal

Pack

2020

IEEE Systems Journal

View full text Add to dashboard Cite

The benefits of the ubiquitous caching in ICN are profound, such features make ICN promising for content distribution, but it also introduces a challenge to content protection against the unauthorized access. The protection of a content against unauthorized access requires consumer authentication and involves the conventional end-to-end encryption. However, in information-centric networking (ICN), such end-to-end encryption makes the content caching ineffective since encrypted contents stored in a cache are useless for any consumers except those who know the encryption key. For effective caching of encrypted contents in ICN, we propose a secure distribution of protected content (SDPC) scheme, which ensures that only authenticated consumers can access the content. SDPC is lightweight and allows consumers to verify the originality of the published content by using a symmetric key encryption. SDPC also provides protection against privacy leakage. The security of SDPC was proved with the BAN logic and Scyther tool verification, and simulation results show that SDPC can reduce the content download delay.

show abstract

Section: G Scyther Implementation Resultsmentioning

confidence: 99%

Section: Related Workmentioning

confidence: 99%

Secure Distribution of Protected Content in Information-Centric Networking

Bilal

Pack

2020

IEEE Systems Journal

View full text Add to dashboard Cite

show abstract

“…Even NDN packets do not contain any information about the source host where they were originally sent; contents security and privacy are still needed. Different cryptographic approaches have been explored in access control solutions for NDN, such as attribute-based encryption, broadcast encryption [ 32 , 33 ], role-based encryption, identity-based encryption [ 30 , 34 ], proxy re-encryption [ 31 , 35 , 36 ], and so on [ 7 , 37 , 38 ]. These approaches are examined below.…”

Section: Related Workmentioning

confidence: 99%

“…These approaches are examined below. The key problem of [ 30 , 31 , 34 , 35 , 39 ] these schemes are the computational and communication overhead for the content producer and the consumer, while other schemes [ 32 , 33 , 36 , 40 ] do not consider user or key revocation.…”

Section: Related Workmentioning

confidence: 99%

Secure Content Distribution with Access Control Enforcement in Named Data Networking

Hlaing

Funamoto

Mambo

2021

Sensors

View full text Add to dashboard Cite

NDN is one of the new emerging future internet architectures which brings up new solutions over today’s internet architecture, facilitating content distribution, in-network caching, mobility support, and multicast forwarding. NDNs ubiquitous in-network caching allows consumers to access data directly from the intermediate router’s cache. However, it opens content privacy problems since data packets replicated in the router are always accessible by every consumer. Sensitive contents in the routers should be protected and accessed only by authorized consumers. Although the content protection problem can be solved by applying an encryption-based access control policy, it still needs an efficient content distribution scheme with lower computational overhead and content retrieval time. We propose an efficient and secure content distribution (ES_CD), by combining symmetric encryption and identity-based proxy re-encryption. The analysis shows that our proposed scheme achieves content retrieval time reduction up to 20% for the cached contents in our network simulation environment and a slight computational overhead of less than 19 ms at the content producer and 9 ms at the consumer for 2 KB content. ES_CD provides content confidentiality and ensures only legitimate consumers can access the contents during a predefined time without requiring a trusted third party and keeping the content producer always online.

show abstract

“…This approach is not sufficient since the name of the content can be easily identified. To improve upon access control mechanisms in CCN (securing the content and its name) from unauthorized users, several mechanisms have been proposed, such as attribute encryption access, [33][34][35] proxy re-encryptions, and broadcast encryption access control schemes [36,37].…”

Section: Secured Content Centric Network (Ccn/ndn)mentioning

confidence: 99%

Efficient Lattice CP-ABE AC Scheme Supporting Reduced-OBDD Structure for CCN/NDN

et al. 2020

View full text Add to dashboard Cite

In line with the proposed 5th Generation network, content centric network/named data networking (CCN/NDN) has been offered as one of the promising paradigms to cope with the communication needs of future realistic network communications. CCN/NDN allows network communication based on content names and also allows users to obtain information from any of the nearest intermediary caches on the network. Due to that, the ability of cached content to protect itself is essential since contents can be cached on any node everywhere, and publishers may not have total control over their own published data. The attribute based encryption (ABE) scheme is a preferable approach, identified to enable cached contents to be self-secured since it has a special property of encryption with policies. However, most of the proposed ABE schemes for CCN/NDN suffer from some loopholes. They are not flexible in the expression of access policy, they are inefficient, they are based on bilinear maps with pairings, and they are vulnerable to quantum cryptography algorithms. Hence, we propose the ciphertext policy attribute based encryption access control (CP-ABE AC) scheme from a lightweight ideal lattice based on ring learning with error (R-LWE) problem, and demonstrated its use in practical applications. The proposed scheme is proved to be secure and efficient under the decision ring LWE problem in the selective set model. To achieve an efficient scheme, we used an efficient trapdoor technique and the access tree representation of access structure describing the access policies was modified into a new structure, based on a reduced ordered binary decision diagram (reduce-OBDD). This access structure can support Boolean operations such as AND, NOT, OR, and threshold gates. The final result showed that the proposed scheme was secure and efficient for applications, thereby supporting CCN/NDN as a promising paradigm.

show abstract

Optimized access control enforcement over encrypted content in information-centric networks

Cited by 10 publications

References 21 publications

Secure Distribution of Protected Content in Information-Centric Networking

Secure Distribution of Protected Content in Information-Centric Networking

Secure Content Distribution with Access Control Enforcement in Named Data Networking

Efficient Lattice CP-ABE AC Scheme Supporting Reduced-OBDD Structure for CCN/NDN

Contact Info

Product

Resources

About