Securing Network Content

The goal of the current Internet is to provide content of interest (Web pages, voice, video, etc.) to the users that need it. Access to that content is achieved using a communication model designed in terms of connections between hosts. This conflation of what content you want to access with where (on what host) that content resides extends throughout current network protocols, and determines the context in which they offer network security. Trust in content – that it is the desired content, from the intended source, and unmodified in transit – is determined by where (from what host) and how (over what kind of connection) the content was retrieved.

A user believes they are reading the news from the New York Times when they access it via a user-friendly name for the authoritative source of that news – www.nytimes.com; whether guessed, known, or obtained from a trusted directory (Google) in response to a few relevant search terms. Implicitly, they are also trusting that a) the DNS has given them a reliable indicator of where to find a host authorized to “speak for” the name they are interested in, b) they have actually made an HTTP connection to that host or its delegate (such as a content distribution network, or CDN) and c) that the content retrieved over that connection is unaltered by any unauthorized intermediary.

A user accessing a higher-value resource, say their bank account, may do so with confidence only over a connection further authenticated by a cryptographic protocol such as TLS [10]. This gives them assurance that not only is the data coming from the intended source (as determined by the trust model for evaluating digital certificates built into their software client), and that it has not been tampered with in transit, but additionally that it may be protected from eavesdropping by encryption. This connection-focused approach to security inex-

[1] Michael Walfish, et al. Semantic-Free Referencing in Linked Distributed Systems, 2003, IPTPS.

[2] Kostas Pentikousis, et al. Scenarios and Research Issues for a Network of Information, 2008, MobiMedia.

[3] Christopher Allen, et al. The TLS Protocol Version 1.0, 1999, RFC.

[4] A Logic for SDSI's Linked Local Name Spaces, 2000, J. Comput. Secur.

[5] Ronald L. Rivest, et al. SDSI - A Simple Distributed Security Infrastructure, 1996.

[6] David Mazières, et al. Fast and secure distributed read-only file system, 2000, TOCS.

[7] Ben Y. Zhao, et al. An Infrastructure for Fault-tolerant Wide-area Location and Routing, 2001.

[8] Daniel Massey, et al. Security Through Publicity, 2006, HotSec.

[9] Robert Tappan Morris, et al. Persistent personal names for globally connected mobile devices, 2006, OSDI '06.

[10] David R. Cheriton, et al. An Architecture for Content Routing Support in the Internet, 2001, USITS.

[11] Ralph C. Merkle, et al. Secrecy, authentication, and public key systems, 1979.

[12] Michael Walfish, et al. A layered naming architecture for the internet, 2004, SIGCOMM '04.

[13] Martín Abadi, et al. On SDSI's linked local name spaces, 1997, Proceedings 10th Computer Security Foundations Workshop.

[14] Robert Tappan Morris, et al. User-Relative Names for Globally Connected Personal Devices, 2006, IPTPS.

[15] Mark Allman. Personal Namespaces, 2007, HotNets.

[16] Michael Walfish, et al. Untangling the Web from DNS, 2004, NSDI.

[17] Ben Y. Zhao, et al. OceanStore: an architecture for global-scale persistent storage, 2000, SIGP.

[18] Donald E. Eastlake, et al. Domain Name System Security Extensions, 1997, RFC.

[19] Luigi Iannone, et al. LISP-DHT: towards a DHT to map identifiers onto locators, 2008, CoNEXT '08.

[20] Ian Clarke, et al. Freenet: A Distributed Anonymous Information Storage and Retrieval System, 2000, Workshop on Design Issues in Anonymity and Unobservability.

[21] Kostas Pentikousis, et al. Design considerations for a network of information, 2008, CoNEXT '08.

[22] Christian Esteve Rothenberg, et al. Towards a new generation of information-oriented internetworking architectures, 2008, CoNEXT '08.

[23] David Mazières, et al. Separating key management from file system security, 1999, SOSP.

[24] I. Stoica, et al. ROFL: routing on flat labels, 2006, SIGCOMM.

[25] David R. Karger, et al. Chord: A scalable peer-to-peer lookup service for internet applications, 2001, SIGCOMM '01.

[26] Andrew S. Tanenbaum, et al. Securely replicated Web documents, 2005, 19th IEEE International Parallel and Distributed Processing Symposium.

[27] William Adjie-Winoto, et al. The design and implementation of an intentional naming system, 2000, OPSR.