INFORMATION CENTRIC NETWORKING INTEREST SIGNALED DYNAMIC DATA INTEGRITY VALIDATION OFFLOAD TO FOG NODE OR MOBILE EDGE COMPUTING NODE
暂无分享,去创建一个
Techniques are described herein for offloading the responsibility of validation to an edge node such as a fog router or Mobile Edge Computing (MEC) platform by signaling the same in an Interest packet or using another Out-of-Band (OOB) mechanism. Upon receiving the Interest packet, the edge node creates the local state entry in a Pending Interest Table (PIT) and marks the entry for local integrity validation. The edge node uses any mechanism to retrieve the public key and perform the validation on behalf of the sensors/end-users. DETAILED DESCRIPTION Data integrity validation is one of the basic and mandatory requirements in Information Centric Networking (ICN) / hybrid ICN (hICN). While there are various proposals available in the industry on how the Public Key Infrastructure (PKI) should be implemented for ICN/hICN, most involve base machinery where each data chunk is digitally signed using a data producer’s private key and the data consumers use the associated public key to validate the data integrity. How the keys are exchanged between producer and consumer varies depending on the proposal. With any of these options, the need to maintain the flow specific to the public key and perform the data integrity validation consumes additional power and other resource cycles that is very costly in the Internet of Things (IoT) and mobile world. The cost of validation is twofold: integrity hash computation and signature computation. Figures 1-3 below illustrate the goodput of an application using the hICN stack implemented in Vector Packet Processing (VPP) in different cases. A producer computes integrity SHA-256 hashes and a signature over a block of hashes contained in a manifest 2 Nainar et al.: INFORMATION CENTRIC NETWORKING INTEREST SIGNALED DYNAMIC DATA INT Published by Technical Disclosure Commons, 2018 2 5674 packet using RSA-2014 or ECDSA-192. The cost of verifications brings the goodput from about 3Gbps down to 1Gbps in the best case (RSA) or 300Mbps (ECDSA). If the applications cannot perform computation on blocks of data but only on a per-packet basis (e.g., small IoT sensors sending temperature measurements) the cost of cryptography becomes very high as the goodput drops to about 30 Mbps. Offloading to hardware is always a good option for cryptographic operations but in most cases is very expensive in the IoT in terms of power consumption. Offloading these computations to a trusted compute appliance is an opportunity to optimize IoT use cases without trading it off with security.