Research on Access Control of Smart Home in NDN (Short Paper)

Named Data Networking (NDN) is one of the future Internet architectures and can support smart homes very well. A smart home holds a large amount of private data with a lower security level, and access control is an effective security solution for it. However, the existing NDN access control mechanisms that can be applied to smart homes neither make reasonable use of the cache in NDN nor take into account the user authorization cancellation phase. Therefore, we designed an access control mechanism for smart homes in NDN. We mainly consider three processes: the user requesting permission, the user requesting data, and the cancellation of the user's permission. By using the Cipher Block Chaining (CBC) symmetric encryption algorithm, identity-based encryption, and proxy re-encryption, the cache in NDN is effectively utilized, and a counting Bloom filter is used to filter ineffective Interest packets and complete the user's privilege cancellation phase. Experimental results show that the access control mechanism designed in this paper effectively reduces the total time from the user's permission request to the decryption of data and, with the counting Bloom filter in use, reduces the time overhead of the NDN routers during user privilege cancellation.
