
Security and Privacy in Named-Data Networking

Professor Gene Tsudik (University of California, Irvine)

With the growing realisation that current Internet protocols are reaching the limits of their senescence, a number of ongoing research efforts aim to design potential next-generation Internet architectures. Although they vary in maturity and scope, these efforts seek to avoid past pitfalls by treating security and privacy as key initial requirements.

Named Data Networking (NDN) is an Internet architecture that avoids IP's host-based, point-to-point networking approach in order to better accommodate new and emerging patterns of communication. NDN treats data as a first-class object, explicitly naming the data itself instead of its location. While the current Internet secures the "pipe" that carries data between hosts, NDN secures data – a design choice that decouples trust in data from trust in hosts, enabling scalable communication mechanisms, such as automatic caching of data in routers to optimize bandwidth. The NDN project poses numerous technical challenges that must be addressed to validate it as a future Internet architecture: routing scalability, fast forwarding, trust models, network security, content protection and privacy, and fundamental communication theory.

This talk will give an overview of NDN and then turn to security and privacy issues. By stressing content dissemination, NDN is an attractive and viable approach to many types of current and emerging communication models. It also incorporates some useful security and privacy features. We will first consider communication privacy and anonymity in NDN and describe an NDN add-on (called ANDANA) that offers functionality similar to Tor on today's Internet. Since resilience to the Denial of Service (DoS) attacks that plague today's Internet is a major issue for any new architecture, we will discuss some initial research towards assessment and mitigation of DoS in NDN. Next, we will consider the privacy implications of router-side content caching. Finally, we will discuss how to adapt NDN and its security features to environments other than content distribution, using the example of building automation.

Speaker bio

Gene Tsudik is a Chancellor's Professor of Computer Science at the University of California, Irvine (UCI). He obtained his PhD in Computer Science from USC in 1991. Before coming to UCI in 2000, he was at IBM Zurich Research Laboratory (1991-1996) and USC/ISI (1996-2000). Over the years, his research interests have included numerous topics in security, privacy and applied cryptography. Since 2009, he has served as the Editor-in-Chief of ACM Transactions on Information and Systems Security (TISSEC).
