Security Aspects of Content-Centric Networking



The origin of today’s Internet can be traced back to the 1960s. Since then the Internet has evolved into a global infrastructure for communication. It continuously distributes large amounts of information across the globe and has become an essential part of our way of living. However, our demands on the Internet are continually growing, and the things we actually want to achieve with it are changing. The initial concept of the Internet was simple and tailored to the problem of resource sharing. The use of the Internet has changed during the last 40 years, but its core architecture is still the same. Changing requirements lead to limitations, and the current Internet faces many of them. They can often be circumvented, but the solutions are neither efficient nor cost-effective. In this thesis we discuss a new concept for a Future Internet architecture. It is called Content-Centric Networking (CCN) and is an approach to change the Internet’s communication model. Its objective is to replace today’s host-centric view with a content-centric one. The reason is that people usually know what information they want to access, but do not care at which location they find it. A content-centric network could improve the Internet’s efficiency, mobility, scalability and security. The latter in particular will be surveyed in detail. This thesis shows how the notion of security in CCN has changed from a connection-based to a content-based one. The advantage that CCN couples security tightly with content will be emphasized. We will illustrate how packets are formed into self-authenticating units, enabling users to consume cached data from arbitrary sources without security concerns. Furthermore, today’s state-of-the-art security technologies are compared to the newly proposed ideas, which are also presented in detail.
We discuss the current Internet’s ability to withstand Denial-of-Service attacks in contrast to the capabilities of a content-centric network. The results look promising; however, new forms of attack are emerging, and we have analysed their threats. CCN’s ability to cache data inherently in the network is favourable, but it also offers attackers new vantage points. We show how an adversary could make caches ineffective or even exploit them to violate user privacy or throttle data distribution. Countermeasures against these attacks will be provided. This work also looks for new ideas from which the concept of CCN could benefit. One of those is Broadcast Encryption (BE). We show how to build applications combining BE with the idea of CCN in a beneficial manner. To this end, we have designed, developed and evaluated a prototype that provides video streaming with simple Digital Rights Management features over CCN. The evaluations indicate that these technologies fit together well. It is essential to search for a variety of technologies that could amplify the benefits of CCN ...


  1. SECURITY ASPECTS OF CONTENT-CENTRIC NETWORKING
     Posch et al. Security Aspects of CCN
     Daniel Posch (1), Hermann Hellwagner (1) and Peter Schartner (2)
     Alpen-Adria University Klagenfurt (AAU), Faculty of Technical Sciences (TEWI)
     (1) Institute of Information Technology (ITEC), Multimedia Communication (MMC)
     (2) Institute of Applied Informatics, System Security Group
     e-mail:
     "For content-centric networking, a guy on a bicycle with a phone in his pocket is a networking element. He's doing a great job of moving bits." -- Van Jacobson
  2. WHY CONTENT-CENTRIC NETWORKING?
     • The origin of the Internet lies in the 1960s and 1970s
     • Resource sharing
     • Host-based communication (IP)
     • Requirements have changed
     Limitations:
     • Availability: high bandwidth, CDNs, P2P overlays
     • Efficiency: no caching, communication between 2 hosts
     • Mobility: TCP/IP is static, identity  location
     • Scalability: IPv4 address space, routing tables
     • Security: depends on connection information and auxiliary measures, e.g. SSL/TLS, VPNs, etc.
     "The Internet only just works." -- Handley M.
  3. CCN – COMMUNICATION MODEL
     [Figure: nodes A, B, C and D; labels: "get object B", "untrusted connection", "trustable copy of B", "untrusted host D". Source: [1]]
     [1] Ahlgren, B. et al. "A Survey of Information-centric Networking."
  4. GOALS OF THIS MASTER'S THESIS
     • Analysis of the security concept of CCN
        • Security requirements
        • Content-based security
        • Architecture-/network-based security
        • Caching versus privacy
     • Promising technologies
        • Identity-based Cryptography
        • Broadcast Encryption
     • Evaluation: Broadcast Encryption in CCN
        • Multimedia streaming scenario
        • Implementation of a prototype
     [Diagram labels: literature research, development of ideas, practical implementation]
  5. CONTENT-BASED SECURITY
     [Figure: Content Object, consisting of:]
     • Content Name
     • Signature: DigestAlgorithm, Witness, SignatureBits
     • Signed Info: PublisherPublicKeyDigest, KeyLocator, TimeStamp, FreshnessSeconds, Type, ...
     • Data Area
     [Figure labels: Trust, Reliability, Availability, Authenticity, Integrity, Privacy, Confidentiality, Anonymity]
     "Sicherheit" := Safety + Security
  6. BROADCAST ENCRYPTION AND MULTIMEDIA STREAMING IN CCN
     [Figure labels: Data transport; Sender; {Secret_1}, {Secret_2}, {Secret_3}, { }, ..., {Secret_n}; MSB; Revoke: {Secret_2}]
  7. EVALUATION
     [Figure labels: DRM Server; DRM Client 1; 6 Mbit/s, RTT 30 ms; DRM Client 2; CCN Router (Cache); LAN; starts with a 15 s delay]
  8. RESULTS
  9. THANK YOU
     • Univ. Prof. Hermann Hellwagner
     • Assoc. Prof. Peter Schartner
     • Alpen-Adria Universität Klagenfurt
     • Faculty of Technical Sciences (TeWi)
     • Förderverein Technische Fakultät
     • Kirandeep Kaur
     • Family and friends
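
The self-authenticating content object of slide 5, as an added example that is not code from the thesis or from any CCN implementation: a consumer accepts a cached copy only if the signature binds the requested name, the Signed Info and the data to a trusted publisher key. Assumptions: the Lamport one-time signature stands in for the unnamed signature algorithm, and the byte encoding, the `Type` value and the sample name are constructed for illustration.

```python
import hashlib, os

H = lambda b: hashlib.sha256(b).digest()

# Lamport one-time signature: a stdlib-only stand-in for the publisher's
# signature scheme, which the slides do not name. One key signs ONE object.
def keygen():
    sk = [(os.urandom(32), os.urandom(32)) for _ in range(256)]
    return sk, [(H(a), H(b)) for a, b in sk]

def _bits(msg):
    d = H(msg)
    return [(d[i // 8] >> (7 - i % 8)) & 1 for i in range(256)]

def sign(sk, msg):
    return [sk[i][b] for i, b in enumerate(_bits(msg))]

def verify(pk, msg, sig):
    bits = _bits(msg)
    return len(sig) == 256 and all(H(s) == pk[i][bits[i]] for i, s in enumerate(sig))

def pk_digest(pk):
    return H(b"".join(h for pair in pk for h in pair)).hex()

def encode(name, info, data):
    # Length-prefix each field so bytes cannot slide between name and data.
    parts = [name.encode(), repr(sorted(info.items())).encode(), data]
    return b"".join(len(p).to_bytes(4, "big") + p for p in parts)

def publish(sk, pk, name, data, timestamp, freshness):
    info = {"PublisherPublicKeyDigest": pk_digest(pk), "TimeStamp": timestamp,
            "FreshnessSeconds": freshness, "Type": "DATA"}  # Type value assumed
    return {"ContentName": name, "SignedInfo": info, "Data": data,
            "SignatureBits": sign(sk, encode(name, info, data))}

def accept(obj, requested_name, trusted_pk):
    """Consumer check for an object served by any cache or untrusted host."""
    info = obj["SignedInfo"]
    if obj["ContentName"] != requested_name:
        return False  # validly signed, but not the object that was requested
    if info.get("PublisherPublicKeyDigest") != pk_digest(trusted_pk):
        return False  # signed by a publisher this consumer does not trust
    return verify(trusted_pk, encode(obj["ContentName"], info, obj["Data"]),
                  obj["SignatureBits"])

def demo():
    sk, pk = keygen()
    name = "/example/video/seg1"  # constructed sample name and payload
    obj = publish(sk, pk, name, b"frame-bytes", 1700000000, 30)
    tampered = dict(obj, Data=b"other-bytes")
    return accept(obj, name, pk), accept(tampered, name, pk), accept(obj, "/example/video/seg2", pk)
```

The check never consults where the object came from, which is what lets a router cache serve it; a trusted key and the requested name are the only inputs the consumer supplies.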