Abstract | ||
---|---|---|
Information-Centric Networking (ICN) has been proposed as a future Internet architecture where data-centric security is one of its most distinguishing features when compared to the channel-based security in IP networks. In ICN, per packet digital signature offers a built-in authentication capability down to the packet level and a fine-grained trust model, yet it is insufficient to address the emerging security challenges in service function chaining, e.g., data may be processed by fake intermediate function nodes. In this paper, we investigate a whole-chain security approach, namely Secure Function Chaining (SFC), which ensures authenticity and data integrity when delivering data content through a chain of function nodes in ICN. In particular, we propose a novel packet signature structure, which consists of a content stack and a signature stack. At the data source and each of intermediate function nodes, we prepend a fixed-length hashed content to the content stack and prepend an unmodified signature (for the hashed content) to the signature stack. The proposed solution enables a Consumer to verify not only the final delivered data content, but also each and every entity in the whole function chaining process - from a Producer to the last function node that delivered the final content. We conduct a comprehensive set of experiments to evaluate the proposed function chaining process and its trust model. The results show the superior performance of the whole-chain security approach over the existing NDN security solution. The results show that the secure proposed scheme is an efficient scheme over the original hop-by-hop NDN signature scheme for a function chaining process and it can be used in substitute of the native scheme. |
Year | DOI | Venue |
---|---|---|
2017 | 10.1109/ICCNC.2017.7876164 | 2017 International Conference on Computing, Networking and Communications (ICNC) |
Keywords | DocType | ISSN |
Information-centric networking,ICN,NDN,whole-chain security,secure function chaining | Conference | 2325-2626 |
ISBN | Citations | PageRank |
978-1-5090-4589-1 | 0 | 0.34 |
References | Authors | |
3 | 8 |
Name | Order | Citations | PageRank |
---|---|---|---|
Mehdi Bahrami | 1 | 6 | 1.94 |
Liguang Xie | 2 | 0 | 0.34 |
Lei Liu | 3 | 588 | 64.83 |
Akira Ito | 4 | 45 | 3.85 |
Yang Peng | 5 | 10 | 3.95 |
Sevak Mnatsakanyan | 6 | 3 | 1.16 |
Zilong Ye | 7 | 0 | 0.34 |
Huiping Guo | 8 | 183 | 15.37 |