NAC: Name-Based Access Control in Named Data Networking

Abstract As a proposed Internet architecture, Named Data Networking must provide effective security support: data authenticity, confidentiality, and availability. This short paper focuses on supporting data confidentiality via encryption. The main challenge is to provide an easy-to-use key management mechanism that ensures only authorized parties are given the access to protected data. We describe the design of name-based access control (NAC) which provides automated key management by developing systematic naming conventions for both data and cryptographic keys. We also discuss an enhanced version of NAC that leverages attribute-based encryption mechanisms (NACABE) to improve the flexibility of data access control and reduce communication, storage, and processing overheads.
Authors
  • Zhiyi Zhang (UCLA)
  • Yingdi Yu (UCLA)
  • Alex Afanasyev (UCLA)
  • Lixia Zhang (UCLA)
Date Sep-2017
Venue ACM conference on Information-centric Networking 2017
Variants