Abstract
The benefits of the ubiquitous caching in ICN are profound, such features make ICN promising for content distribution, but it also introduces a challenge to content protection against the unauthorized access. The protection of a content against unauthorized access requires consumer authentication and involves the conventional end-to-end encryption. However, in information-centric networking (ICN), such end-to-end encryption makes the content caching ineffective since encrypted contents stored in a cache are useless for any consumers except those who know the encryption key. For effective caching of encrypted contents in ICN, we propose a secure distribution of protected content (SDPC) scheme, which ensures that only authenticated consumers can access the content. SDPC is lightweight and allows consumers to verify the originality of the published content by using a symmetric key encryption. Moreover, SDPC naming scheme provides protection against privacy leakage. The security of SDPC was proved with the BAN logic and Scyther tool verification, and simulation results show that SDPC can reduce the content download delay.
Highlights
Since the earliest time of the Internet, its underlying architecture has been based on packet-switching and host-to-host communications
We propose a secure distribution of protected content (SDPC) scheme, which consists of two protocol suites, 1) the keying protocol suite and 2) the subscription and content access protocol suite
For effective caching and access control of the protected content in information-centric networking (ICN), we proposed a secure distribution of protected content (SDPC)
Summary
Since the earliest time of the Internet, its underlying architecture has been based on packet-switching and host-to-host communications. If an authorized consumer unsubscribes from the service, to ensure the forward secrecy it is necessary to make sure that leaving consumer don’t have access to future keys for the group; the shared key should be updated From this point onward, the publisher would encrypt new version of content with updated group keys. Further assume that before unsubscribe event the copies of segment S0,j and S1,j were already disseminated in ICN core network; if a consumer NA or NC request object Oj, it may get S0,j and S1,j from cache router encrypted with K1 and rest of the segments from publishers encrypted with K2. If a new authorized consumer subscribes for the service, to ensure the backward secrecy the shared key should be updated, and previous group members need to keep both keys for effective cache utilization.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.