Abstract

The benefits of the ubiquitous caching in ICN are profound, such features make ICN promising for content distribution, but it also introduces a challenge to content protection against the unauthorized access. The protection of a content against unauthorized access requires consumer authentication and involves the conventional end-to-end encryption. However, in information-centric networking (ICN), such end-to-end encryption makes the content caching ineffective since encrypted contents stored in a cache are useless for any consumers except those who know the encryption key. For effective caching of encrypted contents in ICN, we propose a secure distribution of protected content (SDPC) scheme, which ensures that only authenticated consumers can access the content. SDPC is lightweight and allows consumers to verify the originality of the published content by using a symmetric key encryption. Moreover, SDPC naming scheme provides protection against privacy leakage. The security of SDPC was proved with the BAN logic and Scyther tool verification, and simulation results show that SDPC can reduce the content download delay.

Highlights

  • Since the earliest time of the Internet, its underlying architecture has been based on packet-switching and host-to-host communications

  • We propose a secure distribution of protected content (SDPC) scheme, which consists of two protocol suites, 1) the keying protocol suite and 2) the subscription and content access protocol suite

  • For effective caching and access control of the protected content in information-centric networking (ICN), we proposed a secure distribution of protected content (SDPC)

Read more

Summary

INTRODUCTION

Since the earliest time of the Internet, its underlying architecture has been based on packet-switching and host-to-host communications. If an authorized consumer unsubscribes from the service, to ensure the forward secrecy it is necessary to make sure that leaving consumer don’t have access to future keys for the group; the shared key should be updated From this point onward, the publisher would encrypt new version of content with updated group keys. Further assume that before unsubscribe event the copies of segment S0,j and S1,j were already disseminated in ICN core network; if a consumer NA or NC request object Oj, it may get S0,j and S1,j from cache router encrypted with K1 and rest of the segments from publishers encrypted with K2. If a new authorized consumer subscribes for the service, to ensure the backward secrecy the shared key should be updated, and previous group members need to keep both keys for effective cache utilization.

RELATED WORKS
SYSTEM MODEL
Content Access Protocols
Naming based Attacks
DDoS Attacks
Time Analysis Attack
Unauthorized Access
Traffic Monitoring Attack
Formal Analysis using BAN Logic
Scyther Implementation Results
PERFORMANCE EVALUATION
RS YYY YYY YYY YYY
Findings
CONCLUSION
Full Text
Paper version not known

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.