Content-Centric Networking: Security

Presented for TTI Vanguard "Shift Happens" conference (http://bit.ly/TTIVshifthappens) visit to PARC, this is a basic overview of just the security aspects of our content-centric networking program.

  1. Content-based Security. Van Jacobson, Research Fellow, PARC. TTI/Vanguard at PARC, February 25, 2010. Palo Alto Research Center.
  2. Content-centric Networking (CCN) is a communications architecture based on dissemination rather than conversation. (At the lowest level, you talk about named data, not to some server.)
  3. CCN offers ...
     • (provably) optimal content distribution
     • painless mobility, wireless, virtualization, ...
     • same scalability & efficiency as TCP/IP
     • simple, secure, robust configuration
     • an easy, incremental, evolutionary path
     • much better security
  4. Internet security sucks, and not because we're not trying hard enough.
  5. Files, hosts and network connections are containers for information.
     • A secured perimeter is the only way to secure containers.
     • For today's business, any realistic perimeter encloses the planet.
  6. Forget containers – secure the content. Do it as the final production step to minimize attack surface. Ron Rivest's SDSI has shown this works if content is augmented so any consumer can assess from the data:
     • Validity (is data intact and complete?)
     • Relevance (what question does this answer?)
     • Provenance (who asserts this is an answer?)
  7. CCN data
     • /nytimes.com/web/frontPage.html/v3/s0/0x3fdc96a4...
     • signature 0x1b048347
     • key nytimes.com/web/george/desktop public key
     • Signed by nytimes.com/web/george
     • Signed by nytimes.com/web
     • Signed by nytimes.com
  8. Evidentiary Trust
     • Rich web of trustable, interconnected information arises from signed content.
     • [Figure: diagram of interconnected Content and Key nodes]
     • Attacks have to be consistent with information and links – get exponentially harder as information base grows.
     • Strong security is emergent & effortless.
  9. Information on CCN is available at www.ccnx.org including a GPL'd open-source release of our current research prototype.
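
The consumer-side checks from slides 6 and 7, as an added example that is not part of the original slides or of the CCNx code: verify the signature on a named content object, then treat each signing key as signed content and verify it in turn, up to a trusted root. Toy textbook RSA stands in for a real signature scheme, and the object layout, the namespace policy, the helper names and the leading slash on key names are assumptions made for the illustration.

```python
import hashlib

E = 65537  # public exponent shared by all toy keys

def toy_key(a, b):
    # Constructed toy RSA key from two Mersenne primes. NOT secure, illustration only.
    p, q = 2**a - 1, 2**b - 1
    return {"n": p * q, "d": pow(E, -1, (p - 1) * (q - 1))}

def digest(name, payload, n):
    # Assumption: the signature covers name and payload together, so the
    # data cannot be replayed as the answer to a different question.
    h = hashlib.sha256(name.encode() + b"\0" + payload).digest()
    return int.from_bytes(h, "big") % n

def publish(name, payload, signer, key):
    sig = pow(digest(name, payload, key["n"]), key["d"], key["n"])
    return {"name": name, "payload": payload, "signer": signer, "sig": sig}

def verify(obj, store, anchors):
    """Follow key locators up to a trust anchor; return the signer chain."""
    chain = []
    for _ in range(8):  # bound the walk so a locator loop cannot hang us
        signer = obj["signer"]
        if signer not in anchors and signer not in store:
            raise ValueError("unknown key " + signer)
        # Assumed policy: a key is certified only by a key in its parent namespace.
        if chain and not obj["name"].startswith(signer + "/"):
            raise ValueError("key signed outside its namespace: " + obj["name"])
        n = anchors[signer] if signer in anchors else int(store[signer]["payload"], 16)
        if pow(obj["sig"], E, n) != digest(obj["name"], obj["payload"], n):
            raise ValueError("bad signature on " + obj["name"])
        chain.append(signer)
        if signer in anchors:
            return chain
        obj = store[signer]  # the key is itself signed content: verify it next
    raise ValueError("chain too long")

def build_example():
    # Names from slide 7 (digest component omitted); keys and payload are constructed.
    names = ["/nytimes.com", "/nytimes.com/web", "/nytimes.com/web/george",
             "/nytimes.com/web/george/desktop"]
    keys = dict(zip(names, [toy_key(61, 89), toy_key(107, 127),
                            toy_key(521, 607), toy_key(1279, 2203)]))
    store = {c: publish(c, format(keys[c]["n"], "x").encode(), p, keys[p])
             for p, c in zip(names, names[1:])}
    page = publish("/nytimes.com/web/frontPage.html/v3/s0",
                   b"<html>front page</html>", names[3], keys[names[3]])
    return page, store, {names[0]: keys[names[0]]["n"]}
```

Calling `verify(*build_example())` returns the provenance chain from the desktop key up to `/nytimes.com`; changing the payload, the name, or any key object along the way raises `ValueError`.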