Identity Based Approach Under a Unified Service Model for Secure Content Distribution in ICN

Various schemes have been proposed for secure content delivery and access control in Information-Centric Networks (ICN). However, it is not trivial to compare their performance due to the lack of a unified service model and consistent implementation methods. In this paper, a general service model merging the publish-subscribe pattern with the ICN framework is proposed to enable performance evaluation of different access control schemes and of various implementations. In addition, an identity-based hybrid approach under this model is designed and analyzed. In this approach, the content to be delivered is encrypted using a symmetric secret key; that key, together with the license to play the content, is then protected by an identity-based encryption scheme and later distributed to consumers as requested. Finally, this approach and two existing schemes are implemented on a common cryptography library and evaluated. Test results show that the proposed approach exhibits better performance and higher energy efficiency in mobile terminals than the existing ones.
