Producer Anonymity based on Onion Routing in Named Data Networking
Named Data Networking (NDN) is one of the promising next-generation Internet architectures that aim to realize efficient content distribution. However, in terms of producer anonymity, NDN has a serious problem: adversaries can easily learn who publishes what content, because content is inherently tied to the producer by the content name and the signature. In this paper, we first define producer anonymity rigorously in terms of content-producer unlinkability, and then design a system to achieve it. Our design is based on hidden service, which is an onion routing-based system in IP; however, we improve it to take full advantage of NDN. We demonstrate that our system provides a level of anonymity comparable to hidden service with lower overhead through analysis and experiment.
Security and Privacy of IP-ICN Coexistence: A Comprehensive Survey
Internet usage has changed from its first design. Hence, the current Internet must cope with some limitations, including performance degradation, availability of IP addresses, and multiple security and privacy issues. Nevertheless, to unsettle the current Internet's network layer, i.e., Internet Protocol, with ICN is a challenging, expensive task. It also requires worldwide coordination among Internet Service Providers, backbone, and Autonomous Services. Additionally, history showed that technology changes, e.g., from 3G to 4G, from IPv4 to IPv6, are not immediate, and usually, the replacement includes a long coexistence period between the old and new technology. Similarly, we believe that the process of replacement of the current Internet will surely transition through the coexistence of IP and ICN. Although the tremendous amount of security and privacy issues of the current Internet taught us the importance of securely designing the architectures, only a few of the proposed architectures place the security-by-design. Therefore, this article aims to provide the first comprehensive Security and Privacy analysis of the state-of-the-art coexistence architectures. Additionally, it yields a horizontal comparison of security and privacy among three deployment approaches of IP and ICN protocol, i.e., overlay, underlay, and hybrid, and a vertical comparison among ten considered security and privacy features. As a result of our analysis, it emerges that most of the architectures utterly fail to provide several SP features including data and traffic flow confidentiality, availability and communication anonymity. We believe this article draws a picture of the secure combination of current and future protocol stacks during the coexistence phase that the Internet will definitely walk across.
Mobility-aware Software-Defined Service-Centric Networking for Service Provisioning in Urban Environments
Disruptive applications for mobile devices, such as the Internet of Things, Connected and Autonomous Vehicles, Immersive Media, and others, have requirements that the current Cloud Computing paradigm cannot meet. These unmet requirements bring the necessity to deploy geographically distributed computing architectures, such as Fog and Mobile Edge Computing. However, bringing computing close to users has its costs. One example of cost is the complexity introduced by the management of the mobility of the devices at the edge. This mobility may lead to issues, such as interruption of the communication with service instances hosted at the edge or an increase in communication latency during mobility events, e.g., handover. These issues, caused by the lack of mobility-aware service management solutions, result in degradation in service provisioning.
The present thesis proposes a series of protocols and algorithms to handle user and service mobility at the edge of the network. User mobility is characterized when users change access points of wireless networks, while service mobility happens when services have to be provisioned from different hosts. It assembles them in a solution for mobility-aware service orchestration based on Information-Centric Networking (ICN) and runs on top of Software-Defined Networking (SDN). This solution addresses three issues related to handling user mobility at the edge: (i) proactive support for user mobility events, (ii) service instance addressing management, and (iii) distributed application state data management. For (i), we propose a proactive SDN-based handover scheme. For (ii), we propose an ICN addressing strategy to remove the necessity of updating addresses after service mobility events. For (iii), we propose a graph-based framework for state data placement in the network nodes that accounts for user mobility and latency requirements.
The protocols and algorithms proposed in this thesis were compared with different approaches from the literature through simulation. Our results show that the proposed solution can reduce service interruption and latency in the presence of user and service mobility events while maintaining reasonable overhead costs regarding control messages sent in the network by the SDN controller.