This paper presents a content-based access control model for content stored in network storage. The model enforces access control directly over content by encrypting it at the time of production, rather than relying on a third party (such as data storage), as traditional perimeter-based access control models do. We present the design of Name-based Access Control (NAC), which implements the content-based access control model in Named Data Networking (NDN). We demonstrate how to use naming conventions to explicitly convey access control policy and efficiently distribute access control keys, thus enabling effective access control. We evaluate the scalability of NAC against CCN-AC, another encryption-based access control scheme. The results suggest that NAC is more suitable for large-scale distributed data production and consumption.