论文信息 - Security Support in Named Data Networking

Security Support in Named Data Networking

This technical report presents an overview of the security support in the Named Data Networking (NDN) architecture that has been developed over the recent years. NDN changes the communication model from IP’s delivery of packets between hosts identified by IP addresses to the retrieval of named and secured data packets. Consequently NDN fundamentally changes the approach to securing communications. Making named data the centerpiece of the architecture leads to a new security framework which: (i) secures the data directly, and (ii) uses name semantics for applications to reason about security. In this paper we introduce NDN’s approach to security bootstrapping, data authentication, integrity, confidentiality, and availability. Note that this report is still in preliminary stage. We welcome all comments, and we plan to post an updated version in the near future.

[1] Ronald L. Rivest,et al. SDSI - A Simple Distributed Security Infrastructure , 1996 .

[2] Scott Rose,et al. DNS Security Introduction and Requirements , 2005, RFC.

[3] Deborah Estrin,et al. Named Data Networking (NDN) Project , 2010 .

[4] Gene Tsudik,et al. ANDaNA: Anonymous Named Data Networking Application , 2011, NDSS.

[5] Alexander Afanasyev,et al. journal homepage: www.elsevier.com/locate/comcom , 2022 .

[6] Priya Mahadevan,et al. Interest flooding attack and countermeasures in Named Data Networking , 2013, 2013 IFIP Networking Conference.

[7] Patrick Crowley,et al. Named data networking , 2014, CCRV.

[8] Yingdi Yu. An Endorsement-based Key Management System for Decentralized NDN Chat Application , 2014 .

[9] Van Jacobson,et al. Schematizing Trust in Named Data Networking , 2015, ICN.

[10] Haitao Zhang,et al. Sharing mHealth Data via Named Data Networking , 2016, ICN.

[11] Fan Yang,et al. The QUIC Transport Protocol: Design and Internet-Scale Deployment , 2017, SIGCOMM.

[12] Alexander Afanasyev,et al. NDNCERT: universal usable trust management for NDN , 2017, ICN.

[13] Alexander Afanasyev,et al. NAC: name-based access control in named data networking , 2017, ICN.

[14] Christian F. Tschudin,et al. Schematized access control for data cubes and trees , 2017, ICN.

[15] Marc E. Mosko,et al. CCNx Key Exchange Protocol Version 1.0 , 2017 .