An access control mechanism to ensure privacy in named data networking using attribute-based encryption with immediate revocation of privileges

Silva, Roan Simoes da; Zorzo, Sergio Donizetti

doi:10.1109/ccnc.2015.7157958

Cited by 29 publications

(24 citation statements)

References 12 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Da Silva et al [124] proposed an AC mechanism using attribute-based encryption for instantaneous access revocation. The authors suggested the use of Ciphertext-policy ABE, in which the access policy, generated by the provider, is embedded inside the encrypted content.…”

Section: A Encryption-based Access Controlmentioning

confidence: 99%

“…Although we believe that the latter approach is more acceptable, as it imposes less complexity, efficient access revocation is a key design factor for scalable AC in ICNs. Some of the proposed mechanisms [114], [119], [120], [124], [127], [130], [131], [133] require the network (routers) to enforce AC and authenticate clients. The fact that the intermediate routers have to perform authentication procedure undermines the scalability of these mechanisms.…”

Section: Summary and Future Directions In Access Controlmentioning

confidence: 99%

See 1 more Smart Citation

Security, Privacy, and Access Control in Information-Centric Networking: A Survey

Tourani

Misra

Mick

et al. 2018

IEEE Commun. Surv. Tutorials

223

109

View full text Add to dashboard Cite

Information-Centric Networking (ICN) replaces the widely used host-centric networking paradigm in communication networks (e.g., Internet, mobile ad hoc networks) with an information-centric paradigm, which prioritizes the delivery of named content, oblivious of the contents' origin. Content and client security, provenance, and identity privacy are intrinsic in the ICN paradigm versus the current host centric paradigm where they have been instrumented as an after-thought. By design, the ICN paradigm inherently supports many security and privacy features, such as provenance and identity privacy, which are still not effectively available in the host-centric paradigm. However, given its nascency, the ICN paradigm has several open security and privacy concerns. In this article, we survey the existing literature in security and privacy in ICN and present open questions. More specifically, we explore three broad areas: security threats, privacy risks, and access control enforcement mechanisms.We present the underlying principle of the existing works, discuss the drawbacks of the proposed approaches, and explore potential future research directions. In security, we review attack scenarios, such as denial of service, cache pollution, and content poisoning. In privacy, we discuss user privacy and anonymity, name and signature privacy, and content privacy. ICN's feature of ubiquitous caching introduces a major challenge for access control enforcement that requires special attention. We review existing access control mechanisms including encryption-based, attributebased, session-based, and proxy re-encryption-based access control schemes. We conclude the survey with lessons learned and scope for future work.

show abstract

Section: A Encryption-based Access Controlmentioning

confidence: 99%

Section: Summary and Future Directions In Access Controlmentioning

confidence: 99%

Security, Privacy, and Access Control in Information-Centric Networking: A Survey

Tourani

Misra

Mick

et al. 2018

IEEE Commun. Surv. Tutorials

223

109

View full text Add to dashboard Cite

show abstract

“…a ciphertext can be decrypted by the users who have the 'CS' AND 'student' OR 'professor' attributes. ABE has been widely used for implementing contemporary systems with distributed content sharing capabilities (e.g., [3], [20]) and has received considerable attention by the ICN community (e.g., [14], [18], [6]) . In these systems users use attributes to describe groups of trusted peers (e.g., 'friends', 'colleagues' etc.…”

Section: Related Workmentioning

confidence: 99%

Securing Content Sharing over ICN

Fotiou¹,

Polyzos²

2016

Proceedings of the 3rd ACM Conference on Information-Centric Networking

View full text Add to dashboard Cite

The emerging Information-Centric Networking (ICN) paradigm is expected to facilitate content sharing among users. ICN will make it easy for users to appoint storage nodes, in various network locations, perhaps owned or controlled by them, where shared content can be stored and disseminated from. These storage nodes should be (somewhat) trusted since not only they have (some level of) access to user shared content, but they should also properly enforce access control. Traditional forms of encryption introduce significant overhead when it comes to sharing content with large and dynamic groups of users. To this end, proxy re-encryption provides a convenient solution. In this paper, we use Identity-Based Proxy Re-Encryption (IB-PRE) to provide confidentiality and access control for content items shared over ICN, realizing secure content distribution among dynamic sets of users. In contrast to similar IB-PRE based solutions, our design allows each user to generate the system parameters and the secret keys required by the underlay encryption scheme using their own Private Key Generator, therefore, our approach does not suffer from the key escrow problem. Moreover, our design further relaxes the trust requirements on the storage nodes by preventing them from sharing usable content with unauthorized users. Finally, our scheme does not require out-of-band secret key distribution.

show abstract

“…(3) The encryption method proposed in the literature [6,7] can protect the privacy of content, but it cannot play the advantage of the universal cache of nodes. The strategy of this paper does not add extra time delay to response time, and there is also no additional proxy servers.…”

Section: Protocol Security Analysismentioning

confidence: 99%

“…Mohaisen A et al [6] proposed to increase response time to protect the cache privacy, but it would bring additional response delay and reduce the network transmission performance. Silva R S D et al [7] proposed a content data access control mechanism by using attribute encryption algorithm, which needs to configure a trusted proxy server. Feng T et al [8] proposed bidirectional anonymous identity-based ring signcryption for multiple receiver's scheme.…”

Section: Introductionmentioning

confidence: 99%

A Privacy Preserving Strategy Based on Anonymous Group in Content Centric Network

Ling¹,

Wen²,

Gong³

2017

dtcse

View full text Add to dashboard Cite

In Content Centric Networking (CCN), "publish-request-response" is presented in data communications between users and publishers, as well as the response message could be cacheable in the routing node. Based on this model, privacy disclosure is a threat to users and publishers. In this paper, a strategy for CNN privacy information protection is proposed. This system adopts hybrid encryption method which can take advantage of nodes ubiquitous cache in CCN. At the same time, it ensures fewer numbers of symmetric keys, which can minimize cache overhead. In addition, this paper puts forward the construction of anonymous group, which can hide the real signer and protect the identity of it.

show abstract

An access control mechanism to ensure privacy in named data networking using attribute-based encryption with immediate revocation of privileges

Cited by 29 publications

References 12 publications

Security, Privacy, and Access Control in Information-Centric Networking: A Survey

Security, Privacy, and Access Control in Information-Centric Networking: A Survey

Securing Content Sharing over ICN

A Privacy Preserving Strategy Based on Anonymous Group in Content Centric Network

Contact Info

Product

Resources

About