Title :
Access control enforcement in Named Data Networking
Author :
Hamdane, Balkis ; Serhrouchni, Ahmed ; Fatmi, S.G.E.
Author_Institution :
Telecom ParisTech, Paris, France
Abstract :
Named Data Networking (NDN) represents one of the major Information Centric Networking (ICN) candidates for future Internet architectures. It treats data as the central element and it leverages in-network caching. Access control is a fundamental security feature in this project. It limits data access to only authorized entities. However, it can no longer be tied to a content location or to a particular host, since multiple copies of a same data can reside in various network locations. Therefore, a data-oriented access control model must be adopted. In this paper, we propose an encryption-based access control scheme for NDN that allows encrypted content to freely reside anywhere in the network. This proposal represents an enhancement of the solution already implemented in the actual NDN prototype, CCNx. It is based on a new cryptographic model for access rights management and on an adaptation of the naming system. It mitigates identified attacks and it reduces the overhead cost.
Keywords :
authorisation; cryptography; information networks; CCNx prototype; ICN; NDN; access control enforcement; access rights management; cryptographic model; data-oriented access control model; encryption-based access control scheme; future Internet architectures; in-network caching; information centric networking; named data networking; Access control; Cryptography; Access control; CCNx; Named Data Networking;
Conference_Titel :
Internet Technology and Secured Transactions (ICITST), 2013 8th International Conference for
Conference_Location :
London
DOI :
10.1109/ICITST.2013.6750268
