393 research outputs found
To NACK or not to NACK? Negative Acknowledgments in Information-Centric Networking
Information-Centric Networking (ICN) is an internetworking paradigm that
offers an alternative to the current IP\nobreakdash-based Internet
architecture. ICN's most distinguishing feature is its emphasis on information
(content) instead of communication endpoints. One important open issue in ICN
is whether negative acknowledgments (NACKs) at the network layer are useful for
notifying downstream nodes about forwarding failures, or requests for incorrect
or non-existent information. In benign settings, NACKs are beneficial for ICN
architectures, such as CCNx and NDN, since they flush state in routers and
notify consumers. In terms of security, NACKs seem useful as they can help
mitigating so-called Interest Flooding attacks. However, as we show in this
paper, network-layer NACKs also have some unpleasant security implications. We
consider several types of NACKs and discuss their security design requirements
and implications. We also demonstrate that providing secure NACKs triggers the
threat of producer-bound flooding attacks. Although we discuss some potential
countermeasures to these attacks, the main conclusion of this paper is that
network-layer NACKs are best avoided, at least for security reasons.Comment: 10 pages, 7 figure
Interest-Based Access Control for Content Centric Networks (extended version)
Content-Centric Networking (CCN) is an emerging network architecture designed
to overcome limitations of the current IP-based Internet. One of the
fundamental tenets of CCN is that data, or content, is a named and addressable
entity in the network. Consumers request content by issuing interest messages
with the desired content name. These interests are forwarded by routers to
producers, and the resulting content object is returned and optionally cached
at each router along the path. In-network caching makes it difficult to enforce
access control policies on sensitive content outside of the producer since
routers only use interest information for forwarding decisions. To that end, we
propose an Interest-Based Access Control (IBAC) scheme that enables access
control enforcement using only information contained in interest messages,
i.e., by making sensitive content names unpredictable to unauthorized parties.
Our IBAC scheme supports both hash- and encryption-based name obfuscation. We
address the problem of interest replay attacks by formulating a mutual trust
framework between producers and consumers that enables routers to perform
authorization checks when satisfying interests from their cache. We assess the
computational, storage, and bandwidth overhead of each IBAC variant. Our design
is flexible and allows producers to arbitrarily specify and enforce any type of
access control on content, without having to deal with the problems of content
encryption and key distribution. This is the first comprehensive design for CCN
access control using only information contained in interest messages.Comment: 11 pages, 2 figure
- …