An Overview of Security Support in Named Data Networking

This article presents an overview of the security mechanisms in the NDN architecture that have been developed over the past several years. NDN changes the network communication model from the delivery of packets to hosts identified by IP addresses to the retrieval of named and secured data packets. Consequently, NDN also fundamentally changes the approaches to network security. Making named data the centerpiece of the architecture leads to a new security framework that secures data directly, and uses name semantics to enable applications to reason about security and to automate the use of cryptographic keys. In this article, we introduce NDN's approaches to security bootstrapping, data authenticity, confidentiality, and availability.
