Controle de acesso baseado em reencriptação por proxy em Redes Centradas em Informação
Abstract
Information-centric networks (ICN) represent a promising approach to the Future Internet, addressing the shortcomings of the current Internet with a suitable infrastructure for content distribution. By naming, routing, and forwarding content instead of machine addresses, the ICN shift the protagonists at the network layer from hosts to contents. One implication is the in-network cache, which allows a better use of communication channels and faster delivery of content to the user. However, the ability to receive content from caches generates concerns about access control. In this context, we propose a solution for access control in ICN based on proxy re-encryption. The proposed solution ensures that only authorized users are able to access content, while maintaining the beneficial effects of caching in ICN, even in face of malicious entities.
References
Ahlgren, B., Dannewitz, C., Imbrenda, C., Kutscher, D., and Ohlman, B. (2012). A survey of information-centric networking. IEEE Communications Magazine, 50(7):26–36.
Ateniese, G., Fu, K., Green, M., and Hohenberger, S. (2006). Improved proxy re-encryption schemes with applications to secure distributed storage. ACM Transaction on Information System Security, 9(1):1–30.
Brito, G. M. d., Velloso, P. B., and Moraes, I. M. (2012). Redes Orientadas a Conteúdo: Um Novo Paradigma para a Internet, chapter 5, pages 211–264. Minicursos do XXX Simpósio Brasileiro de Redes de Computadores de Sistemas Distribuídos.
Chow, S., Weng, J., Yang, Y., and Deng, R. (2010). Efficient unidirectional proxy re-encryption. In Bernstein, D. and Lange, T., editors, Progress in Cryptology – AFRICACRYPT 2010, volume 6055 of Lecture Notes in Computer Science, pages 316–332.
Fotiou, N., Marias, G. F., and Polyzos, G. C. (2012). Access control enforcement delegation for informationcentric networking architectures. In 2nd ACM SIGCOMM Workshop on Information-centric networking (ICN ’12), pages 85–90.
Hamdane, B., Msahli, M., Serhrouchni, A., and El Fatmi, S. (2013). Data-based access control in named data networking. In 9th International Collaborative Computing: Networking, Applications and Worksharing (Collaboratecom ’13), pages 531–536.
Ion, M., Zhang, J., and Schooler, E. (2013). Toward content-centric privacy in ICN: attribute-based encryption and routing. In 3rd ACM SIGCOMM Workshop on Information-centric networking (ICN ’13), pages 39–40.
Jacobson, V., Smetters, D. K., Thornton, J. D., Plass, M., Briggs, N., and Braynard, R. (2012). Networking named content. Communications of the ACM, 55(1):117–124.
Kissel, Z. and Wang, J. (2013). Access control for untrusted content distribution clouds using unidirectional re-encryption. In 2013 International Conference on High Performance Computing and Simulation (HPCS), pages 49–56.
Kutscher, D., Pentikousis, K., Psaras, I., Corujo, D., Saucez, D., Schmidt, T., and Waehlisch, M. (2014). ICN research challenges. http://www.ietf.org/id/draft-kutscher-icnrg-challenges-02.txt. Work in progress.
Misra, S., Tourani, R., and Majd, N. E. (2013). Secure content delivery in information-centric networks: design, implementation, and analyses. In 3rd ACM SIGCOMM workshop on Information-centric networking (ICN ’13), pages 73–78.
Papanis, J. P., Papapanagiotou, S. I., Mousas, A. S., Lioudakis, G. V., Kaklamani, D. I., and Venieris, I. S. (2013). On the use of attribute-based encryption for multimedia content protection over informationcentric networks. Transactions on Emerging Telecommunications Technologies, pages 1–14.
Salsano, S., Detti, A., Cancellieri, M., Pomposini, M., and Blefari-Melazzi, N. (2012). Transport-layer issues in information centric networks. In 2nd Edition of the ICN Workshop on Information-centric Networking, ICN ’12, pages 19–24. ACM.
Singh, S., Puri, A., Singh, S. S., Vaish, A., and Venkatesan, S. (2012). A trust based approach for secure access control in information centric network. International Journal of Information and Network Security (IJINS), 1(2):97–104.
Smetters, D. and Jacobson, V. (2009). Securing network content. Technical report, PARC TR-2009-1.
Wood, C. and Uzun, E. (2014). Flexible end-to-end content security in ccn. In IEEE Consumer Communications and Networking Conference, CCNC ’14, pages 1–8.
Xiong, H., Zhang, X., Zhu, W., and Yao, D. (2012). Cloudseal: End-to-end content protection in cloud-based storage and delivery services. In Security and Privacy in Communication Networks, volume 96, pages 491–500.
Ateniese, G., Fu, K., Green, M., and Hohenberger, S. (2006). Improved proxy re-encryption schemes with applications to secure distributed storage. ACM Transaction on Information System Security, 9(1):1–30.
Brito, G. M. d., Velloso, P. B., and Moraes, I. M. (2012). Redes Orientadas a Conteúdo: Um Novo Paradigma para a Internet, chapter 5, pages 211–264. Minicursos do XXX Simpósio Brasileiro de Redes de Computadores de Sistemas Distribuídos.
Chow, S., Weng, J., Yang, Y., and Deng, R. (2010). Efficient unidirectional proxy re-encryption. In Bernstein, D. and Lange, T., editors, Progress in Cryptology – AFRICACRYPT 2010, volume 6055 of Lecture Notes in Computer Science, pages 316–332.
Fotiou, N., Marias, G. F., and Polyzos, G. C. (2012). Access control enforcement delegation for informationcentric networking architectures. In 2nd ACM SIGCOMM Workshop on Information-centric networking (ICN ’12), pages 85–90.
Hamdane, B., Msahli, M., Serhrouchni, A., and El Fatmi, S. (2013). Data-based access control in named data networking. In 9th International Collaborative Computing: Networking, Applications and Worksharing (Collaboratecom ’13), pages 531–536.
Ion, M., Zhang, J., and Schooler, E. (2013). Toward content-centric privacy in ICN: attribute-based encryption and routing. In 3rd ACM SIGCOMM Workshop on Information-centric networking (ICN ’13), pages 39–40.
Jacobson, V., Smetters, D. K., Thornton, J. D., Plass, M., Briggs, N., and Braynard, R. (2012). Networking named content. Communications of the ACM, 55(1):117–124.
Kissel, Z. and Wang, J. (2013). Access control for untrusted content distribution clouds using unidirectional re-encryption. In 2013 International Conference on High Performance Computing and Simulation (HPCS), pages 49–56.
Kutscher, D., Pentikousis, K., Psaras, I., Corujo, D., Saucez, D., Schmidt, T., and Waehlisch, M. (2014). ICN research challenges. http://www.ietf.org/id/draft-kutscher-icnrg-challenges-02.txt. Work in progress.
Misra, S., Tourani, R., and Majd, N. E. (2013). Secure content delivery in information-centric networks: design, implementation, and analyses. In 3rd ACM SIGCOMM workshop on Information-centric networking (ICN ’13), pages 73–78.
Papanis, J. P., Papapanagiotou, S. I., Mousas, A. S., Lioudakis, G. V., Kaklamani, D. I., and Venieris, I. S. (2013). On the use of attribute-based encryption for multimedia content protection over informationcentric networks. Transactions on Emerging Telecommunications Technologies, pages 1–14.
Salsano, S., Detti, A., Cancellieri, M., Pomposini, M., and Blefari-Melazzi, N. (2012). Transport-layer issues in information centric networks. In 2nd Edition of the ICN Workshop on Information-centric Networking, ICN ’12, pages 19–24. ACM.
Singh, S., Puri, A., Singh, S. S., Vaish, A., and Venkatesan, S. (2012). A trust based approach for secure access control in information centric network. International Journal of Information and Network Security (IJINS), 1(2):97–104.
Smetters, D. and Jacobson, V. (2009). Securing network content. Technical report, PARC TR-2009-1.
Wood, C. and Uzun, E. (2014). Flexible end-to-end content security in ccn. In IEEE Consumer Communications and Networking Conference, CCNC ’14, pages 1–8.
Xiong, H., Zhang, X., Zhu, W., and Yao, D. (2012). Cloudseal: End-to-end content protection in cloud-based storage and delivery services. In Security and Privacy in Communication Networks, volume 96, pages 491–500.
Published
2014-11-03
How to Cite
MANNES, Elisa; MAZIERO, Carlos; LASSANCE, Luiz Carlos; BORGES, Fábio.
Controle de acesso baseado em reencriptação por proxy em Redes Centradas em Informação. In: BRAZILIAN SYMPOSIUM ON CYBERSECURITY (SBSEG), 14. , 2014, Belo Horizonte.
Anais [...].
Porto Alegre: Sociedade Brasileira de Computação,
2014
.
p. 2-15.
DOI: https://doi.org/10.5753/sbseg.2014.20117.
