Named Data Networking (NDN) is embraced as the crucial implementation of Information-Centric Networking (ICN), enhancing content distribution and caching efficiency through edge routers. However, existing NDN architectures face significant security and privacy challenges, including: (a) a lack of secure and efficient access control; (b) inadequate support for flexible and selective content management by content publishers; (c) insufficient implementation of accountability and privilege revocation mechanisms. To handle these challenges, we propose ESAS, the first-ever Efficient Security-enhanced Accountable Access Control Scheme for NDN. Specifically, our ESAS incorporates anonymous authentication using group signatures at network routers to prevent unauthorized access, employs key-aggregation-based access control to facilitate selective content management, and maintains an access list at edge routers to trace and revoke privileges from content subscribers who misuse authorization tokens. Furthermore, our comprehensive security analysis and comparative studies validate enhanced security capabilities and superior features of our ESAS relative to existing access control solutions. We also conduct experiments to indicate the practicability and feasibility of our ESAS for edge routers, content publishers and subscribers, thereby confirming its effectiveness in NDN architecture.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

An Efficient Security-Enhanced Accountable Access Control for Named Data Networking

  • Jianfei Sun,
  • Yuxian Li,
  • Xuehuan Yang,
  • Guomin Yang,
  • Robert Deng

摘要

Named Data Networking (NDN) is embraced as the crucial implementation of Information-Centric Networking (ICN), enhancing content distribution and caching efficiency through edge routers. However, existing NDN architectures face significant security and privacy challenges, including: (a) a lack of secure and efficient access control; (b) inadequate support for flexible and selective content management by content publishers; (c) insufficient implementation of accountability and privilege revocation mechanisms. To handle these challenges, we propose ESAS, the first-ever Efficient Security-enhanced Accountable Access Control Scheme for NDN. Specifically, our ESAS incorporates anonymous authentication using group signatures at network routers to prevent unauthorized access, employs key-aggregation-based access control to facilitate selective content management, and maintains an access list at edge routers to trace and revoke privileges from content subscribers who misuse authorization tokens. Furthermore, our comprehensive security analysis and comparative studies validate enhanced security capabilities and superior features of our ESAS relative to existing access control solutions. We also conduct experiments to indicate the practicability and feasibility of our ESAS for edge routers, content publishers and subscribers, thereby confirming its effectiveness in NDN architecture.