13,798 research outputs found
Up-to-date Key Retrieval for Information Centric Networking
Information Centric Networking (ICN) leverages in-network caching to provide efficient data distribution and better performance by replicating contents in multiple nodes to bring content nearer the users. Since contents are stored and replicated into node caches, the content validity must be assured end-to-end. Each content object carries a digital signature to provide a proof of its integrity, authenticity, and provenance. However, the use of digital signatures requires a key management infrastructure to manage the key life cycle. To perform a proper signature verification, a node needs to know whether the signing key is valid or it has been revoked. This paper discusses how to retrieve up-to-date signing keys in the ICN scenario. In the usual public key infrastructure, the Certificate Revocation Lists (CRL) or the Online Certificate Status Protocol (OCSP) enable applications to obtain the revocation status of a certificate. However, the push-based distribution of Certificate Revocation Lists and the request/response paradigm of Online Certificate Status Protocol should be fit in the mechanism of named-data. We consider three possible approaches to distribute up-to-date keys in a similar way to the current CRL and OCSP. Then, we suggest a fourth protocol leveraging a set of distributed notaries, which naturally fits the ICN scenario. Finally, we evaluate the number and size of exchanged messages of each solution, and then we compare the methods considering the perceived latency by the end nodes and the throughput on the network links
Scenarios and research issues for a network of information
This paper describes ideas and items of work within the
framework of the EU-funded 4WARD project. We present
scenarios where the current host-centric approach to infor-
mation storage and retrieval is ill-suited for and explain
how a new networking paradigm emerges, by adopting the
information-centric network architecture approach, which
we call Network of Information (NetInf). NetInf capital-
izes on a proposed identifier/locator split and allows users
to create, distribute, and retrieve information using a com-
mon infrastructure without tying data to particular hosts.
NetInf introduces the concepts of information and data ob-
jects. Data objects correspond to the particular bits and
bytes of a digital object, such as text file, a specific encod-
ing of a song or a video. Information objects can be used
to identify other objects irrespective of their particular dig-
ital representation. After discussing the benefits of such an
indirection, we consider the impact of NetInf with respect
to naming and governance in the Future Internet. Finally,
we provide an outlook on the research scope of NetInf along
with items for future work
Internames: a name-to-name principle for the future Internet
We propose Internames, an architectural framework in which names are used to
identify all entities involved in communication: contents, users, devices,
logical as well as physical points involved in the communication, and services.
By not having a static binding between the name of a communication entity and
its current location, we allow entities to be mobile, enable them to be reached
by any of a number of basic communication primitives, enable communication to
span networks with different technologies and allow for disconnected operation.
Furthermore, with the ability to communicate between names, the communication
path can be dynamically bound to any of a number of end-points, and the
end-points themselves could change as needed. A key benefit of our architecture
is its ability to accommodate gradual migration from the current IP
infrastructure to a future that may be a ubiquitous Information Centric
Network. Basic building blocks of Internames are: i) a name-based Application
Programming Interface; ii) a separation of identifiers (names) and locators;
iii) a powerful Name Resolution Service (NRS) that dynamically maps names to
locators, as a function of time/location/context/service; iv) a built-in
capacity of evolution, allowing a transparent migration from current networks
and the ability to include as particular cases current specific architectures.
To achieve this vision, shared by many other researchers, we exploit and expand
on Information Centric Networking principles, extending ICN functionality
beyond content retrieval, easing send-to-name and push services, and allowing
to use names also to route data in the return path. A key role in this
architecture is played by the NRS, which allows for the co-existence of
multiple network "realms", including current IP and non-IP networks, glued
together by a name-to-name overarching communication primitive.Comment: 6 page
Investigating people: a qualitative analysis of the search behaviours of open-source intelligence analysts
The Internet and the World Wide Web have become integral parts of the lives of many modern individuals, enabling almost instantaneous communication, sharing and broadcasting of thoughts, feelings and opinions. Much of this information is publicly facing, and as such, it can be utilised in a multitude of online investigations, ranging from employee vetting and credit checking to counter-terrorism and fraud prevention/detection. However, the search needs and behaviours of these investigators are not well documented in the literature. In order to address this gap, an in-depth qualitative study was carried out in cooperation with a leading investigation company. The research contribution is an initial identification of Open-Source Intelligence investigator search behaviours, the procedures and practices that they undertake, along with an overview of the difficulties and challenges that they encounter as part of their domain. This lays the foundation for future research in to the varied domain of Open-Source Intelligence gathering
Backscatter from the Data Plane --- Threats to Stability and Security in Information-Centric Networking
Information-centric networking proposals attract much attention in the
ongoing search for a future communication paradigm of the Internet. Replacing
the host-to-host connectivity by a data-oriented publish/subscribe service
eases content distribution and authentication by concept, while eliminating
threats from unwanted traffic at an end host as are common in today's Internet.
However, current approaches to content routing heavily rely on data-driven
protocol events and thereby introduce a strong coupling of the control to the
data plane in the underlying routing infrastructure. In this paper, threats to
the stability and security of the content distribution system are analyzed in
theory and practical experiments. We derive relations between state resources
and the performance of routers and demonstrate how this coupling can be misused
in practice. We discuss new attack vectors present in its current state of
development, as well as possibilities and limitations to mitigate them.Comment: 15 page
#mytweet via Instagram: Exploring User Behaviour across Multiple Social Networks
We study how users of multiple online social networks (OSNs) employ and share
information by studying a common user pool that use six OSNs - Flickr, Google+,
Instagram, Tumblr, Twitter, and YouTube. We analyze the temporal and topical
signature of users' sharing behaviour, showing how they exhibit distinct
behaviorial patterns on different networks. We also examine cross-sharing
(i.e., the act of user broadcasting their activity to multiple OSNs
near-simultaneously), a previously-unstudied behaviour and demonstrate how
certain OSNs play the roles of originating source and destination sinks.Comment: IEEE/ACM International Conference on Advances in Social Networks
Analysis and Mining, 2015. This is the pre-peer reviewed version and the
final version is available at
http://wing.comp.nus.edu.sg/publications/2015/lim-et-al-15.pd
ADN: An Information-Centric Networking Architecture for the Internet of Things
Forwarding data by name has been assumed to be a necessary aspect of an
information-centric redesign of the current Internet architecture that makes
content access, dissemination, and storage more efficient. The Named Data
Networking (NDN) and Content-Centric Networking (CCNx) architectures are the
leading examples of such an approach. However, forwarding data by name incurs
storage and communication complexities that are orders of magnitude larger than
solutions based on forwarding data using addresses. Furthermore, the specific
algorithms used in NDN and CCNx have been shown to have a number of
limitations. The Addressable Data Networking (ADN) architecture is introduced
as an alternative to NDN and CCNx. ADN is particularly attractive for
large-scale deployments of the Internet of Things (IoT), because it requires
far less storage and processing in relaying nodes than NDN. ADN allows things
and data to be denoted by names, just like NDN and CCNx do. However, instead of
replacing the waist of the Internet with named-data forwarding, ADN uses an
address-based forwarding plane and introduces an information plane that
seamlessly maps names to addresses without the involvement of end-user
applications. Simulation results illustrate the order of magnitude savings in
complexity that can be attained with ADN compared to NDN.Comment: 10 page
- …