Check before storing: what is the performance price of content integrity verification in LRU caching?

In some network and application scenarios, it is useful to cache content in network nodes on the fly, at line rate. Resilience of in-network caches can be improved by guaranteeing that all content therein stored is valid. Digital signatures could be indeed used to verify content integrity and provenance. However, their operation may be much slower than the line rate, thus limiting caching of cryptographically verified objects to a small subset of the forwarded ones. How this affects caching performance? To answer such a question, we devise a simple analytical approach which permits to assess performance of an LRU caching strategy storing a randomly sampled subset of requests. A key feature of our model is the ability to handle traffic beyond the traditional Independent Reference Model, thus permitting us to understand how performance vary in different temporal locality conditions. Results, also verified on real world traces, show that content integrity verification does not necessarily bring about a performance penalty; rather, in some specific (but practical) conditions, performance may even improve.

[1]  George Pavlou,et al.  Cache "Less for More" in Information-Centric Networks , 2012, Networking.

[2]  Virgílio A. F. Almeida,et al.  On the intrinsic locality properties of Web reference streams , 2003, IEEE INFOCOM 2003. Twenty-second Annual Joint Conference of the IEEE Computer and Communications Societies (IEEE Cat. No.03CH37428).

[3]  Mischa Schwartz,et al.  ACM SIGCOMM computer communication review , 2001, CCRV.

[4]  Pablo Rodriguez,et al.  Privacy risks in named data networking: what is the cost of performance? , 2012, CCRV.

[5]  Ashok Narayanan,et al.  Self-verifying names for read-only named data , 2012, 2012 Proceedings IEEE INFOCOM Workshops.

[6]  Van Jacobson,et al.  Networking named content , 2009, CoNEXT '09.

[7]  Flavio D. Garcia,et al.  A Schnorr-Like Lightweight Identity-Based Signature Scheme , 2009, AFRICACRYPT.

[8]  Gene Tsudik,et al.  DoS and DDoS in Named Data Networking , 2012, 2013 22nd International Conference on Computer Communication and Networks (ICCCN).

[9]  Hao Che,et al.  Hierarchical Web caching systems: modeling, design and experimental results , 2002, IEEE J. Sel. Areas Commun..

[10]  Thomas C. Schmidt,et al.  Backscatter from the data plane - Threats to stability and security in information-centric network infrastructure , 2012, Comput. Networks.

[11]  Nikolaos Laoutaris,et al.  The LCD interconnection of LRU caches and its analysis , 2006, Perform. Evaluation.

[12]  Scott Shenker,et al.  A data-oriented (and beyond) network architecture , 2007, SIGCOMM '07.

[13]  Paul Barford,et al.  Generating representative Web workloads for network and server performance evaluation , 1998, SIGMETRICS '98/PERFORMANCE '98.

[14]  Predrag R. Jelenkovic,et al.  Optimizing LRU Caching for Variable Document Sizes , 2004, Combinatorics, Probability and Computing.

[15]  Philippe Robert,et al.  A versatile and accurate approximation for LRU cache performance , 2012, 2012 24th International Teletraffic Congress (ITC 24).

[16]  Li Fan,et al.  Web caching and Zipf-like distributions: evidence and implications , 1999, IEEE INFOCOM '99. Conference on Computer Communications. Proceedings. Eighteenth Annual Joint Conference of the IEEE Computer and Communications Societies. The Future is Now (Cat. No.99CH36320).

[17]  Nicola Blefari-Melazzi,et al.  Transport-layer issues in information centric networks , 2012, ICN '12.

[18]  David Tse,et al.  Probabilistic methods for web caching , 2001, Perform. Evaluation.

[19]  Paolo Giaccone,et al.  Analyzing the Performance of LRU Caches under Non-Stationary Traffic Patterns , 2013, ArXiv.

[20]  Michael E. Kounavis,et al.  Encrypting the internet , 2010, SIGCOMM '10.

[21]  Peter J. Denning,et al.  Operating Systems Theory , 1973 .

[22]  Shirley Dex,et al.  JR 旅客販売総合システム(マルス)における運用及び管理について , 1991 .

[23]  Mark Crovella,et al.  Locality in a web of streams , 2005, CACM.

[24]  Aleksandar Kuzmanovic,et al.  Pollution attacks and defenses for Internet caching systems , 2008, Comput. Networks.

[25]  Bengt Ahlgren,et al.  A survey of information-centric networking , 2012, IEEE Communications Magazine.

[26]  Yonggang Wen,et al.  Towards name-based trust and security for content-centric network , 2011, 2011 19th IEEE International Conference on Network Protocols.

[27]  Mengjun Xie,et al.  Enhancing cache robustness for content-centric networking , 2012, 2012 Proceedings IEEE INFOCOM.

[28]  George Pallis,et al.  Insight and perspectives for content delivery networks , 2006, CACM.

[29]  Gerhard Weikum,et al.  The LRU-K page replacement algorithm for database disk buffering , 1993, SIGMOD Conference.

[30]  Ankit Singla,et al.  Information-centric networking: seeing the forest for the trees , 2011, HotNets-X.

[31]  Asit Dan,et al.  An approximate analysis of the LRU and FIFO buffer replacement schemes , 1990, SIGMETRICS '90.

[32]  Scott Shenker,et al.  Naming in content-oriented architectures , 2011, ICN '11.

[33]  Philippe Robert,et al.  Deterministic Versus Probabilistic Packet Sampling in the Internet , 2007, ITC.

[34]  George Pavlou,et al.  Probabilistic in-network caching for information-centric networks , 2012, ICN '12.