Security, Privacy, and Access Control in Information-Centric Networking: A Survey

Tourani, Reza; Misra, Satyajayant; Mick, Travis; Panwar, Gaurav

doi:10.1109/comst.2017.2749508

Cited by 218 publications

(121 citation statements)

References 118 publications

(358 reference statements)

Supporting

Mentioning

109

Contrasting

Unclassified

Order By: Relevance

“…In the same context, we will focus on the security features that have been guaranteed by the packet authentication mechanism, though there are a number of security issues (in [3], DoS/DDoS, content poisoning, cache pollution, secure naming and routing, application security, and other general security concerns have been summarized as threats against ICN techniques. An authentication mechanism could be used to protect other attacks, but the fundamental goal of an authentication mechanism in CCN is to guarantee the security against the content poisoning attack) since only the authentication mechanism is considered in our approach.…”

Section: Security Analysis Note That the Goal Of This Work Is Tomentioning

confidence: 99%

“…Content-Centric Networking (CCN) has recently been proposed as one of different types of Information-Centric Networking (ICN) [1][2][3][4][5] to solve the problem of heavy traffic increases and the existing IP-based Internet's problems [1]. In CCN, contents are routed by their own content names rather than IP-addresses and data segments in the contents are stored in network nodes' storage (so-called in-network caching) during transmission for handling future requests rapidly.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

TLDA: An Efficient Two-Layered Data Authentication Mechanism for Content-Centric Networking

Seo

Youn

2018

Security and Communication Networks

View full text Add to dashboard Cite

Content-Centric Networking (CCN) is a new networking paradigm for the future Internet, which shifts the communication paradigm from host-centric to data-centric. In CCN, contents are routed by their unique names and they are stored in network nodes by units of segment during transmission for future usage. Since contents are stored in network nodes in a distributed manner, security is built into CCN data packets by embedding a public key signature to enable any content requesters to verify authenticity and integrity of contents. However, the use of public key signatures for authenticating CCN data packets incurs significant overhead regarding computation and communication, which limits universal utilization of CCN. Furthermore, this can lead to a new kind of DDoS attacks. Even though CCN adopts an aggregate signature method based on Merkle Hash Tree (MHT) in its reference implementation, it still incurs large amount of overhead. This paper presents TLDA, an efficient Two-Layered Data Authentication mechanism, which can considerably reduce overhead of computation and communication for authenticating data segments in CCN. For efficiency of computation and communication, TLDA newly introduces the concept of authentication Meta part consisting of data segments' hash values. To a great extent TLDA not only reduces the computation and communication overhead compared with CCN's basic authentication method, but also provides robustness against transmission loss and out-of-order transmission.We have implemented TLDA and demonstrated that it provides 74.3% improved throughput and 36.557% reduced communication overhead compared to those of the original CCNx library developed by PARC when transmitting a 128Mbyte content in units of 1Kbyte segment with RSA-2048 and SHA-256 as its signature algorithm and hash algorithm, respectively.

show abstract

Section: Security Analysis Note That the Goal Of This Work Is Tomentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

TLDA: An Efficient Two-Layered Data Authentication Mechanism for Content-Centric Networking

Seo

Youn

2018

Security and Communication Networks

View full text Add to dashboard Cite

show abstract

“…As a new architecture, on one hand, ICN has many advantages over the traditional TCP/IP architecture. On the other hand, ICN also has many research challenges to be solved [11], such as the specific architecture, naming, routing [12], transport [13], caching [14], mobility [15] and security [16].…”

Section: Related Workmentioning

confidence: 99%

Modeling content transfer performance in information-centric networking

Ren

et al. 2017

Future Generation Computer Systems

View full text Add to dashboard Cite

“…Many ICN architectures have been proposed and still being researched. Based on the nature of communication Tourani et al [14] has categorized some common CCN architectures into two models as i) consumer-driven and ii) publish-subscribe. In the consumer driven architectures, the communication is initiated when a user sends a request for a data/content to the network and then the publisher sends the data back or in case of caching the cache sends the reply.…”

Section: Information Centric Networkingmentioning

confidence: 99%

“…But this feature could be exploited by attackers by adding unpopular content to the cache and hampering the cache distribution. Two common caches of cache pollution attacks identified are: locality disruption and false locality [14] . In locality disruption attack, the attacked continuously requests unpopular contents to disrupt the locality of the cache by adding new popular contents continuously.…”

Section: Cache Pollotionmentioning

confidence: 99%

A novel architecture of CCN for better security and applicability

Sharma¹,

Kim²

2017

Journal of the Korea Society for Simulation

View full text Add to dashboard Cite

Information Centric Networking is changing the way how content is being transmitted. The shift from IP and host based networking towards content based networking scenario is growing day by day. Many researches have been done about different frameworks of ICN. Caching is an important part of ICN and many researchers have also proposed different ways for caching the data. With caching of data in intermediate devices like the network devices as well the user devices in some cases, the issue of content security as well as the role of the content producer becomes a major concern. A modified ICN architecture based on the current Content Centric Networking (CCN) model is presented in the paper. The architecture mainly focuses on involving the content producer in content delivery in the real time. The proposed architecture provides better security aspects for the CCN architecture. Apart from security the paper will also consider the issue of applicability of CCN architecture to replace the TCP/IP based architecture. The efficiency of the proposed architecture is compared with the previous CCN architecture based on the response time for a content delivery which shows very comparable level of efficiency. The paper than analyzes different beneficial aspects of the proposed architecture over the current architecture.

show abstract

Security, Privacy, and Access Control in Information-Centric Networking: A Survey

Cited by 218 publications

References 118 publications

TLDA: An Efficient Two-Layered Data Authentication Mechanism for Content-Centric Networking

TLDA: An Efficient Two-Layered Data Authentication Mechanism for Content-Centric Networking

Modeling content transfer performance in information-centric networking

A novel architecture of CCN for better security and applicability

Contact Info

Product

Resources

About