Producer Anonymity based on Onion Routing in Named Data Networking

Named Data Networking (NDN) is one of promising next generation Internet architectures that aim to realize efficient content distribution. However, in terms of producer anonymity, NDN has a serious problem that adversaries can easily learn who publishes what content due to its feature that content is inherently tied to the producer by the content name and the signature. In this paper, we first define producer anonymity rigorously in terms of content-producer unlinkability, and then design a system to achieve it. Our design is based on hidden service, which is an onion routing-based system in IP, however, we improve it to take full advantage of NDN. We demonstrate that our system provides a level of anonymity comparable to hidden service with lower overhead through analysis and experiment

Security and Privacy of IP-ICN Coexistence: A Comprehensive Survey

Internet usage has changed from its first design. Hence, the current Internet must cope with some limitations, including performance degradation, availability of IP addresses, and multiple security and privacy issues. Nevertheless, to unsettle the current Internet's network layer i.e., Internet Protocol with ICN is a challenging, expensive task. It also requires worldwide coordination among Internet Service Providers , backbone, and Autonomous Services. Additionally, history showed that technology changes e.g., from 3G to 4G, from IPv4 to IPv6 are not immediate, and usually, the replacement includes a long coexistence period between the old and new technology. Similarly, we believe that the process of replacement of the current Internet will surely transition through the coexistence of IP and ICN. Although the tremendous amount of security and privacy issues of the current Internet taught us the importance of securely designing the architectures, only a few of the proposed architectures place the security-by-design. Therefore, this article aims to provide the first comprehensive Security and Privacy analysis of the state-of-the-art coexistence architectures. Additionally, it yields a horizontal comparison of security and privacy among three deployment approaches of IP and ICN protocol i.e., overlay, underlay, and hybrid and a vertical comparison among ten considered security and privacy features. As a result of our analysis, emerges that most of the architectures utterly fail to provide several SP features including data and traffic flow confidentiality, availability and communication anonymity. We believe this article draws a picture of the secure combination of current and future protocol stacks during the coexistence phase that the Internet will definitely walk across

Mobility-aware Software-Defined Service-Centric Networking for Service Provisioning in Urban Environments

Disruptive applications for mobile devices, such as the Internet of Things, Connected and Autonomous Vehicles, Immersive Media, and others, have requirements that the current Cloud Computing paradigm cannot meet. These unmet requirements bring the necessity to deploy geographically distributed computing architectures, such as Fog and Mobile Edge Computing. However, bringing computing close to users has its costs. One example of cost is the complexity introduced by the management of the mobility of the devices at the edge. This mobility may lead to issues, such as interruption of the communication with service instances hosted at the edge or an increase in communication latency during mobility events, e.g., handover. These issues, caused by the lack of mobility-aware service management solutions, result in degradation in service provisioning. The present thesis proposes a series of protocols and algorithms to handle user and service mobility at the edge of the network. User mobility is characterized when user change access points of wireless networks, while service mobility happens when services have to be provisioned from different hosts. It assembles them in a solution for mobility-aware service orchestration based on Information-Centric Networking (ICN) and runs on top of Software-Defined Networking (SDN). This solution addresses three issues related to handling user mobility at the edge: (i) proactive support for user mobility events, (ii) service instance addressing management, and (iii) distributed application state data management. For (i), we propose a proactive SDN-based handover scheme. For (ii), we propose an ICN addressing strategy to remove the necessity of updating addresses after service mobility events. For (iii), we propose a graph-based framework for state data placement in the network nodes that accounts for user mobility and latency requirements. The protocols and algorithms proposed in this thesis were compared with different approaches from the literature through simulation. Our results show that the proposed solution can reduce service interruption and latency in the presence of user and service mobility events while maintaining reasonable overhead costs regarding control messages sent in the network by the SDN controller