Rendezvous‐based access control for information‐centric architectures. Issue 1 (13th September 2017)
- Record Type:
- Journal Article
- Title:
- Rendezvous‐based access control for information‐centric architectures. Issue 1 (13th September 2017)
- Main Title:
- Rendezvous‐based access control for information‐centric architectures
- Authors:
- Fotiou, Nikos
Alzahrani, Bander A. - Other Names:
- Fung Carol guestEditor.
Faten Zhani Mohamed guestEditor.
Cordeiro Weverton guestEditor.
François Jérôme guestEditor. - Abstract:
- Summary: Information‐centric networking (ICN) has been in the spotlight of many research efforts as it shifts the focus from (endpoint) locations to content items themselves. By leveraging content centrism and by using content and content names as the main pillar of all (inter‐)networking functions, ICN architectures are expected to overcome many of the limitations of the current Internet architecture. Information‐centric networking paradigm also advocates a shift in security solutions: Instead of securing the communication channel, ICN security solutions should secure the content itself. Therefore, end users should be able to access content stored in various locations in the network—even unsecured—in a private and secure way. Similarly, content owners should not lose the governance of their content items, no matter the network location where they are stored. In this paper, we design, implement, and evaluate an access control delegation mechanism for the publish‐subscribe Internet architecture. Our solution does not introduce any new entity; instead it allows semitrusted publish‐subscribe Internet rendezvous points to enforce access control policies. Moreover, our solution leverages identity‐based proxy re‐encryption to protect content confidentiality in the presences of malicious publishers, ie, nodes that host content items and do not respect the access control decisions of the rendezvous point. Abstract : This work leverages identity‐based proxy re‐encryption forSummary: Information‐centric networking (ICN) has been in the spotlight of many research efforts as it shifts the focus from (endpoint) locations to content items themselves. By leveraging content centrism and by using content and content names as the main pillar of all (inter‐)networking functions, ICN architectures are expected to overcome many of the limitations of the current Internet architecture. Information‐centric networking paradigm also advocates a shift in security solutions: Instead of securing the communication channel, ICN security solutions should secure the content itself. Therefore, end users should be able to access content stored in various locations in the network—even unsecured—in a private and secure way. Similarly, content owners should not lose the governance of their content items, no matter the network location where they are stored. In this paper, we design, implement, and evaluate an access control delegation mechanism for the publish‐subscribe Internet architecture. Our solution does not introduce any new entity; instead it allows semitrusted publish‐subscribe Internet rendezvous points to enforce access control policies. Moreover, our solution leverages identity‐based proxy re‐encryption to protect content confidentiality in the presences of malicious publishers, ie, nodes that host content items and do not respect the access control decisions of the rendezvous point. Abstract : This work leverages identity‐based proxy re‐encryption for protecting content in information centric networking architectures. Content can be stored in arbitrary network locations, outside the administration realm of the content owner, and still be protected. Moreover, by carefully selecting identities used by the encryption mechanisms, the scheme is robust even against misbehaving network entities. … (more)
- Is Part Of:
- International journal of network management. Volume 28:Issue 1(2018)
- Journal:
- International journal of network management
- Issue:
- Volume 28:Issue 1(2018)
- Issue Display:
- Volume 28, Issue 1 (2018)
- Year:
- 2018
- Volume:
- 28
- Issue:
- 1
- Issue Sort Value:
- 2018-0028-0001-0000
- Page Start:
- n/a
- Page End:
- n/a
- Publication Date:
- 2017-09-13
- Subjects:
- identity‐based encryption -- proxy re‐encryption -- publish‐subscribe Internet
Computer networks -- Management -- Periodicals
004.6 - Journal URLs:
- http://onlinelibrary.wiley.com/journal/10.1002/(ISSN)1099-1190 ↗
http://onlinelibrary.wiley.com/ ↗ - DOI:
- 10.1002/nem.2007 ↗
- Languages:
- English
- ISSNs:
- 1055-7148
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms) ↗
- Physical Locations:
- British Library DSC - 4542.373300
British Library DSC - BLDSS-3PM
British Library STI - ELD Digital store - Ingest File:
- 5693.xml