59 research outputs found
Content-Centric Networking at Internet Scale through The Integration of Name Resolution and Routing
We introduce CCN-RAMP (Routing to Anchors Matching Prefixes), a new approach
to content-centric networking. CCN-RAMP offers all the advantages of the Named
Data Networking (NDN) and Content-Centric Networking (CCNx) but eliminates the
need to either use Pending Interest Tables (PIT) or lookup large Forwarding
Information Bases (FIB) listing name prefixes in order to forward Interests.
CCN-RAMP uses small forwarding tables listing anonymous sources of Interests
and the locations of name prefixes. Such tables are immune to Interest-flooding
attacks and are smaller than the FIBs used to list IP address ranges in the
Internet. We show that no forwarding loops can occur with CCN-RAMP, and that
Interests flow over the same routes that NDN and CCNx would maintain using
large FIBs. The results of simulation experiments comparing NDN with CCN-RAMP
based on ndnSIM show that CCN-RAMP requires forwarding state that is orders of
magnitude smaller than what NDN requires, and attains even better performance
Named Data Networking in Vehicular Ad hoc Networks: State-of-the-Art and Challenges
International audienceInformation-Centric Networking (ICN) has been proposed as one of the future Internet architectures. It is poised to address the challenges faced by today's Internet that include, but not limited to, scalability, addressing, security, and privacy. Furthermore, it also aims at meeting the requirements for new emerging Internet applications. To realize ICN, Named Data Networking (NDN) is one of the recent implementations of ICN that provides a suitable communication approach due to its clean slate design and simple communication model. There are a plethora of applications realized through ICN in different domains where data is the focal point of communication. One such domain is Intelligent Transportation System (ITS) realized through Vehicular Ad hoc NETwork (VANET) where vehicles exchange information and content with each other and with the infrastructure. To date, excellent research results have been yielded in the VANET domain aiming at safe, reliable, and infotainment-rich driving experience. However, due to the dynamic topologies, host-centric model, and ephemeral nature of vehicular communication, various challenges are faced by VANET that hinder the realization of successful vehicular networks and adversely affect the data dissemination, content delivery, and user experiences. To fill these gaps, NDN has been extensively used as underlying communication paradigm for VANET. Inspired by the extensive research results in NDN-based VANET, in this paper, we provide a detailed and systematic review of NDN-driven VANET. More precisely, we investigate the role of NDN in VANET and discuss the feasibility of NDN architecture in VANET environment. Subsequently, we cover in detail, NDN-based naming, routing and forwarding, caching, mobility, and security mechanism for VANET. Furthermore, we discuss the existing standards, solutions, and simulation tools used in NDN-based VANET. Finally, we also identify open challenges and issues faced by NDN-driven VANET and highlight future research directions that should be addressed by the research community
An efficient pending interest table control management in named data network
Named Data Networking (NDN) is an emerging Internet architecture that employs a new network communication model based on the identity of Internet content. Its core component, the Pending Interest Table (PIT) serves a significant role of recording Interest packet information which is ready to be sent but in waiting for matching Data packet. In managing PIT, the issue of flow PIT sizing has been very challenging due to massive use of long Interest lifetime particularly when there is no flexible replacement policy, hence affecting PIT performance. The aim of this study is to propose an efficient PIT Control Management (PITCM) approach to be used in handling incoming
Interest packets in order to mitigate PIT overflow thus enhancing PIT utilization and
performance. PITCM consists of Adaptive Virtual PIT (AVPIT) mechanism, Smart Threshold Interest Lifetime (STIL) mechanism and Highest Lifetime Least Request (HLLR) policy. The AVPIT is responsible for obtaining early PIT overflow prediction and reaction. STIL is meant for adjusting lifetime value for incoming Interest packet while HLLR is utilized for managing PIT entries in efficient manner. A specific research
methodology is followed to ensure that the work is rigorous in achieving the aim of the study. The network simulation tool is used to design and evaluate PITCM. The results of study show that PITCM outperforms the performance of standard NDN PIT with 45% higher Interest satisfaction rate, 78% less Interest retransmission rate and 65% less Interest drop rate. In addition, Interest satisfaction delay and PIT length is reduced significantly to 33% and 46%, respectively. The contribution of this study is important for Interest packet management in NDN routing and forwarding systems. The AVPIT and STIL mechanisms as well as the HLLR policy can be used in monitoring,
controlling and managing the PIT contents for Internet architecture of the future
Recent advances in connected vehicles via information-centric networking
V2X communication technology allows vehicles to communicate with each other, infrastructures as well as other parties. It is considered as a vital role in realizing future Intelligent Transport System (ITS). On one hand V2X is facing various expectations that requested by different features of applications, On the other hand, V2X has to overcome problems caused by the natures of high mobile vehicle environment. ICN proposed as the a substitution for future Internet rely on its naming design is likely to associate with V2X well in contrast to convention TCP/IP solution. This paper viewed recent relevant literatures from which unaddressed problems are identified with discussion of possible solutions. From this work, we are positioning our future efforts to fulfil such gaps
Access Control Mechanisms in Named Data Networks:A Comprehensive Survey
Information-Centric Networking (ICN) has recently emerged as a prominent
candidate for the Future Internet Architecture (FIA) that addresses existing
issues with the host-centric communication model of the current TCP/IP-based
Internet. Named Data Networking (NDN) is one of the most recent and active ICN
architectures that provides a clean slate approach for Internet communication.
NDN provides intrinsic content security where security is directly provided to
the content instead of communication channel. Among other security aspects,
Access Control (AC) rules specify the privileges for the entities that can
access the content. In TCP/IP-based AC systems, due to the client-server
communication model, the servers control which client can access a particular
content. In contrast, ICN-based networks use content names to drive
communication and decouple the content from its original location. This
phenomenon leads to the loss of control over the content causing different
challenges for the realization of efficient AC mechanisms. To date,
considerable efforts have been made to develop various AC mechanisms in NDN. In
this paper, we provide a detailed and comprehensive survey of the AC mechanisms
in NDN. We follow a holistic approach towards AC in NDN where we first
summarize the ICN paradigm, describe the changes from channel-based security to
content-based security and highlight different cryptographic algorithms and
security protocols in NDN. We then classify the existing AC mechanisms into two
main categories: Encryption-based AC and Encryption-independent AC. Each
category has different classes based on the working principle of AC (e.g.,
Attribute-based AC, Name-based AC, Identity-based AC, etc). Finally, we present
the lessons learned from the existing AC mechanisms and identify the challenges
of NDN-based AC at large, highlighting future research directions for the
community.Comment: This paper has been accepted for publication by the ACM Computing
Surveys. The final version will be published by the AC
Segurança e privacidade em terminologia de rede
Security and Privacy are now at the forefront of modern concerns, and drive
a significant part of the debate on digital society. One particular aspect that
holds significant bearing in these two topics is the naming of resources in the
network, because it directly impacts how networks work, but also affects how
security mechanisms are implemented and what are the privacy implications
of metadata disclosure. This issue is further exacerbated by interoperability
mechanisms that imply this information is increasingly available regardless of
the intended scope.
This work focuses on the implications of naming with regards to security and
privacy in namespaces used in network protocols. In particular on the imple-
mentation of solutions that provide additional security through naming policies
or increase privacy. To achieve this, different techniques are used to either
embed security information in existing namespaces or to minimise privacy ex-
posure. The former allows bootstraping secure transport protocols on top of
insecure discovery protocols, while the later introduces privacy policies as part
of name assignment and resolution.
The main vehicle for implementation of these solutions are general purpose
protocols and services, however there is a strong parallel with ongoing re-
search topics that leverage name resolution systems for interoperability such
as the Internet of Things (IoT) and Information Centric Networks (ICN), where
these approaches are also applicable.Segurança e Privacidade são dois topicos que marcam a agenda na discus-
são sobre a sociedade digital. Um aspecto particularmente subtil nesta dis-
cussão é a forma como atribuímos nomes a recursos na rede, uma escolha
com consequências práticas no funcionamento dos diferentes protocols de
rede, na forma como se implementam diferentes mecanismos de segurança
e na privacidade das várias partes envolvidas. Este problema torna-se ainda
mais significativo quando se considera que, para promover a interoperabili-
dade entre diferentes redes, mecanismos autónomos tornam esta informação
acessível em contextos que vão para lá do que era pretendido.
Esta tese foca-se nas consequências de diferentes políticas de atribuição de
nomes no contexto de diferentes protocols de rede, para efeitos de segurança
e privacidade. Com base no estudo deste problema, são propostas soluções
que, através de diferentes políticas de atribuição de nomes, permitem introdu-
zir mecanismos de segurança adicionais ou mitigar problemas de privacidade
em diferentes protocolos. Isto resulta na implementação de mecanismos de
segurança sobre protocolos de descoberta inseguros, assim como na intro-
dução de mecanismos de atribuiçao e resolução de nomes que se focam na
protecçao da privacidade.
O principal veículo para a implementação destas soluções é através de ser-
viços e protocolos de rede de uso geral. No entanto, a aplicabilidade destas
soluções extende-se também a outros tópicos de investigação que recorrem
a mecanismos de resolução de nomes para implementar soluções de intero-
perabilidade, nomedamente a Internet das Coisas (IoT) e redes centradas na
informação (ICN).Programa Doutoral em Informátic
- …