Service-Oriented Information-Centric Vehicular Ad-hoc Networks

Modesto, Felipe

29 May 2019

With Vehicular mobile communication becoming a daily requirement and an ever increasing number of services being available to passengers, it is clear that vehicular networks efficient communication systems. VANETs, one of the most significant trends in ad-hoc networking, has much to gain from improved content delivery and one of the leading contenders for mobile networks is the Information-Centric networking approach. Its peculiarities define the Vehicular Environment requires specialized solutions, tailored for highly mobile environments. The main contribution of this thesis is the introduction of a novel architecture and components. We perform extensively discuss Information-Centric Vehicular Ad-hoc Networks. Additionally, we perform an in-depth analysis of bus-based transit systems into VANETs not only as participating members but as service providers and official agents including roles and potential challenges. We perform statistical analysis and analyze world data to denote the intrinsic potential of public transit systems. From the discussions presented, we introduce a novel service-based system architecture for Information-Centric Networking named SEVeN. The proposed model is designed to enable service exchange and service management in highly competitive vehicular ad-hoc networks. The proposed SEVeN architecture includes the introduction of a novel purpose-defined naming policy and service sub-layer as well as a service prioritization policy named LBD. We also discuss the current state of ICN caching in VANET, existing issues faced by vehicular networks and potential approaches based on intermediate cache coordination that can be taken to mitigate existing shortcommings. We perform a series of simulations and analyze the efficiency of popular caching in various network configurations to denote current shortcomings. From this discussion, we propose a cache content insertion policies, UG-Cache and MG-Cache, for ICN-VANETs. In these cache policies, cache insertion decisions are made based on recommendations from content sender dependent on request frequency and cache distance. We also introduce a caching policy based on collaborative observation of locality in request frequency, designed to allow vehicles to preemptively distribute and store in a reserved portion of the cache based on the cooperative observation of requests with provider-based location correlation. All novel elements proposed by this thesis are discussed, described, evaluated within the chapters of this thesis.

Computer Networks

Vehicular Networks

Information-Centric Networks

Service-Centric Architecture

Intermediate Caching

Content-Centric Networks

Improving Resilience of Communication in Information Dissemination for Time-Critical Applications

Deshmukh, Rajvardhan Somraj

02 July 2019

Severe weather impacts life and in this dire condition, people rely on communication, to organize relief and stay in touch with their loved ones. In such situations, cellular network infrastructure\footnote{We refer to cellular network infrastructure as infrastructure for the entirety of this document} might be affected due to power outage, link failures, etc. This urges us to look at Ad-hoc mode of communication, to offload major traffic partially or fully from the infrastructure, depending on the status of it. We look into threefold approach, ranging from the case where the infrastructure is completely unavailable, to where it has been replaced by make shift low capacity mobile cellular base station. First, we look into communication without infrastructure and timely, dissemination of weather alerts specific to geographical areas. We look into the specific case of floods as they affect significant number of people. Due to the nature of the problem we can utilize the properties of Information Centric Networking (ICN) in this context, namely: i) Flexibility and high failure resistance: Any node in the network that has the information can satisfy the query ii) Robust: Only sensor and car need to communicate iii) Fine grained geo-location specific information dissemination. We analyze how message forwarding using ICN on top of Ad hoc network, approach compares to the one based on infrastructure, that is less resilient in the case of disaster. In addition, we compare the performance of different message forwarding strategies in VANETs (Vehicular Adhoc Networks) using ICN. Our results show that ICN strategy outperforms the infrastructure-based approach as it is 100 times faster for 63\% of total messages delivered. Then we look into the case where we have the cellular network infrastructure, but it is being pressured due to rapid increase in volume of network traffic (as seen during a major event) or it has been replaced by low capacity mobile tower. In this case we look at offloading as much traffic as possible from the infrastructure to device-to-device communication. However, the host-oriented model of the TCP/IP-based Internet poses challenges to this communication pattern. A scheme that uses an ICN model to fetch content from nearby peers, increases the resiliency of the network in cases of outages and disasters. We collected content popularity statistics from social media to create a content request pattern and evaluate our approach through the simulation of realistic urban scenarios. Additionally, we analyze the scenario of large crowds in sports venues. Our simulation results show that we can offload traffic from the backhaul network by up to 51.7\%, suggesting an advantageous path to support the surge in traffic while keeping complexity and cost for the network operator at manageable levels. Finally, we look at adaptive bit-rate streaming (ABR) streaming, which has contributed significantly to the reduction of video playout stalling, mainly in highly variable bandwidth conditions. ABR clients continue to suffer from the variation of bit rate qualities over the duration of a streaming session. Similar to stalling, these variations in bit rate quality have a negative impact on the users’ Quality of Experience (QoE). We use a trace from a large-scale CDN to show that such quality changes occur in a significant amount of streaming sessions and investigate an ABR video segment retransmission approach to reduce the number of such quality changes. As the new HTTP/2 standard is becoming increasingly popular, we also see an increase in the usage of HTTP/2 as an alternative protocol for the transmission of web traffic including video streaming. Using various network conditions, we conduct a systematic comparison of existing transport layer approaches for HTTP/2 that is best suited for ABR segment retransmissions. Since it is well known that both protocols provide a series of improvements over HTTP/1.1, we perform experiments both in controlled environments and over transcontinental links in the Internet and find that these benefits also “trickle up” into the application layer when it comes to ABR video streaming where HTTP/2 retransmissions can significantly improve the average quality bitrate while simultaneously minimizing bit rate variations over the duration of a streaming session. Taking inspiration from the first two approaches, we take into account the resiliency of a multi-path approach and further look at a multi-path and multi-stream approach to ABR streaming and demonstrate that losses on one path have very little impact on the other from the same multi-path connection and this increases throughput and resiliency of communication.

Information Centric Networking

VANETs

Adaptive bitrate streaming

HTTP/2

QUIC

MPTCP

Systems and Communications

Efficient naming for Smart Home devices in Information Centric Networks

Rossland Lindvall, Caspar, Söderberg, Mikael

January 2020

The current network trends point towards a significant discrepancy between the data usage and the underlying architecture; a severely increasing amount of data is being sent from more devices while data usage is becoming more data-centric instead of the previously host-centric. Information Centric Network (ICN) is a new alternative network paradigm that is designed for a data-centric usage. ICN is based on uniquely naming data packages and making it location independent. This thesis researched how to implement an efficient naming for ICN in a Smart Home Scenario. The results are based on testing how the forwarding information base is populated for numerous different scenarios and how a node's duty cycle affects its power usage. The results indicate that a hierarchical naming is optimized for hierarchical-like network topology and a flat naming for interconnected network topologies. An optimized duty cycle is strongly dependent on the specific network and accordingto the results can a sub-optimal duty cycle lead to excessive powerusage.

Information Centric Network

ICN

Named Data Network

NDN

The Internet of Things

IoT

Computer and Information Sciences

Data- och informationsvetenskap

Studies on Information Sharing using Peer-to-Peer Systems and Information-Centric Networking / P2PシステムおよびICNによる情報共有に関する研究

Matsubara, Daisuke

23 March 2015

京都大学 / 0048 / 新制・課程博士 / 博士(情報学) / 甲第19131号 / 情博第577号 / 新制||情||101(附属図書館) / 32082 / 京都大学大学院情報学研究科通信情報システム専攻 / (主査)教授 高橋 達郎, 教授 守倉 正博, 高橋 豊 / 学位規則第4条第1項該当 / Doctor of Informatics / Kyoto University / DGAM

Peer-to-Peer Systems

Information-Centric Networking

Information Sharing

Mobility

007

Information retention for disaster-stricken networks using Content Centric Networking / Informationsbevarande för katastrofdrabbade nätverk genom Content Centric Networking

Andersson, Elias

January 2017

The underlying architecture of the Internet has been mostly the same since its beginning in the 1960s and the TCP/IP protocol stack remains ubiquitous. However the Internet is today used for much wider purposes than what was originally intended and now the most common use of the Internet is for the distribution of various forms of content. Information Centric Networking (ICN) is an alternative architecture responding to this change in usage, intended to be more prepared to handle the new requirements of the Internet not only today but also in the future. The primary concern in ICN is the secure and efficient distribution of content. Current ICN research often concerns applications on various disaster scenarios as it is believed that ICN has properties that match the requirements of such scenarios. In this thesis that research is continued by developing an especially designed information retention solution, using the existing ICN implementation of Content Centric Networking (CCN). The aim is to maximisise and prolong the availability of as much content as possible in disaster-stricken networks by preemptively replicating content across the network topology. The solution is then evaluated against a scenario set in a network topology consisting of virtual machines. The final result is that the solution performs satisfactorily and thus demonstrate the potential of ICN when applied to such scenarios. / Internets underliggande arkitektur har varit i stort sett oförändrad sedan sin begynnelse på 1960-talet, och TCP/IP protokollstacken är fortsatt universell. Dock så används Internet idag för betydligt bredare ändamål än de ursprungliga syftena, och nu används Internet främst för att distribuera olika former av innehåll. Information Centric Networking (ICN) är en alternativ arkitektur som svarar på denna förändring i använding, avsedd att vara mer förberedd att hantera de nya kraven på Internet inte bara idag men också i framtiden. Den största angelägenheten i ICN är att distribuera innehåll på ett säkert och effektivt vis. Nuvarande forskning inom ICN handlar ofta om tillämpningar på olika sorters katastrofscenarier då tron är att ICN har egenskaper som motsvarar kraven hos sådana scenarier. I den här uppsatsen fortsätts denna forskning genom att en speciellt formgiven informationsbevaringslösning utvecklas, som nyttjar den existerande ICN-implementationen Content Centric Networking (CCN). Målet är att maximera och förlänga tillgängligheten av så mycket innehåll som möjligt i katastrofdrabbade nätverk genom att i förebyggande syfte replikera innehåll genom nätverkstopologin. Lösningen evalueras sedan mot ett scenario som utspelas i en nätverkstopologi utav virtuella maskiner. Det slutgiltiga resultatet är att lösningen presterar tillfredsställande och på så vis demonstrerar potentialen hos ICN vid tillämpning på sådana scenarion.

Information Centric Networking

Content Centric Networking

disaster scenarios

Computer Sciences

Datavetenskap (datalogi)

Mobility management for the information centric future internet / Gestion de la mobilité pour l'internet du futur centré autour de l'information

Saleem, Muhammad Shoaib

19 November 2012

L'Internet d'aujourd'hui a traversé série de changements évolutionnaires dans les quarante ou cinquante dernières années. Il a été conçu pour un réseau avec des nœuds fixes. Au début, le modèle de communication de l'Internet a été basé sur le réseau téléphonique (considéré comme 1er Génération Internet). Plus tard, il a été mis à jour comme un modèle client-serveur où la communication des systèmes d'échanger des données sur des liaisons dédiées. Cette 2ème génération Internet, au cours des années, a été contestée par de nombreux problèmes tels que la congestion du réseau, panne de chemin, les attaques DOS, gestion de la mobilité pour les réseaux sans fil, etc. Les utilisateurs d'Internet recherchent toujours des informations, indépendamment de la localisation (nœud ou serveur) où il se trouve ou stockées. Cette approche est la base d'une architecture où l'information est considérée comme l'unité primaire. Ces réseaux, en général, sont appelés en tant que Network of Information (NetInf), où l'information prend une position centrée remplaçant l'approche centrée sur nœud comme dans l'Internet aujourd'hui. Les problèmes rencontrés par l'Internet aujourd’hui, mentionné ci-dessus, peuvent être traitées avec une approche unificatrice en mettant l'information au centre de l'architecture du réseau. À l'échelle mondiale, cette conception de l'architecture réseau est nommée « Future Information Centric Internet ». En parallèle, l'utilisation de l'Internet mobile a été augmentée durant la dernière décennie. Il a été environ 1,2 milliard abonnements de mobile broad band pour 2,4 milliards d’utilisateurs d'Internet en 2011. En raison d’augmentation de l'efficacité spectrale et ubiquitaire disponibilité de la connectivité cellulaire, la mobilité et la connectivité transparente est désormais considérée comme des produits de base la vie quotidienne. Néanmoins, en cas d'Internet, les solutions de mobilité basées sur IP ne peuvent pas rattraper son retard dans la performance avec l'évolution rapide des réseaux cellulaires. Par conséquent, l'un des principaux objectifs pour l'internet du futur est de concevoir des systèmes de gestion de mobilité qui permettent de surmonter les problèmes dans les réseaux sans fil tels que handover et la gestion de la localisation, multihoming, sécurité, etc. Dans cette thèse, nous avons proposé une solution de gestion de mobilité dans les réseaux sans fil dans le cadre du Information Centric Networking (ICN) en général et dans le contexte ne NetInf en particulier. NetInf est une architecture du Futur Internet basée sur le concept du ICN. Nous proposons un nœud mobile qui s’appelle NetInf Mobile Node (NetInf MN). L'architecture de ce nœud est compatible avec l'architecture d'Internet basée sur TCP/TP. Cette conception de l'architecture travaille en collaboration avec Central Control Unit (CCU) pour améliorer les performances en cas de handover dans les réseaux sans fil. La Virtual Node Layer (VNL) algorithme explique comment les différents modules de NetInf MN et des unités CCU travaillé ensemble. La modèle mathématique basé sur Théorie de Jeu et Renforcement Learning (CODIPAS-RL) montre comment handover et data relaying sont géré dans les réseaux sans fil. Les résultats des simulations montrent que le modèle proposé réalise à la fois de Nash et de Stackelberg équilibres alors que le CODIPAS-RL régime atteint un optimum global. Enfin, comme un exemple de cas d'utilisation de l'architecture NetInf, nous proposons le NetInf Email Service qui ne requiert pas des serveurs et ports dédiés contrairement au service e-mail existante. L'utilisation de clés asymétriques comme l'ID de l'utilisateur est la caractéristique unique proposée pour ce service. Le NetInf Email service architecture présenté, explique comment différents éléments architecturaux travail ensemble. Nous discuter des défis différents et des besoins relatifs à ce service. Le prototype développé pour NetInf sera utilisée pour la mise en œuvre de ce service / The contemporary Internet ecosystem today has gone through series of evolutionary changes during the last forty or fifty years. Though it was designed as a network with fixed nodes, it has scaled well enough with the development of new technologies both in fixed and wireless networks. Initially, the communication model of the Internet was based on the telephone network (and can be considered as the 1st Generation Internet). Later, its transition as a client-server model made it a network where communication systems exchange data over dedicated links. This 2nd Generation Internet, over the years, has been challenged by many problems and issues such as network congestion, path failure, DOS attacks, mobility issues for wireless networks, etc. The Internet users always look for some information, irrespectively where it is located or stored. This approach is the basic building block for a network architecture where information is considered as the premier entity. Such networks, in general, are termed as Information Centric Network (ICN), where information takes centric position superseding the node centric approach like in the current Internet. The problems faced by the current Internet architecture, mentioned above, can be handled with a unifying approach by putting the information at the centre of the network architecture. On a global scale, this network architecture design is termed as the Future Information Centric Internet. Similarly, Mobile Internet usage has increased overwhelmingly in the last decade. There has been an estimated 1.2 billion mobile broad-band subscriptions for 2.4 billion Internet users in 2011. Because of the increased spectrum efficiency and ubiquitous availability of cellular connectivity, the seamless mobility and connectivity is now considered as daily life commodity. However, in the case of the Internet, IP based mobility solutions cannot catch up in performance with the fast evolution of cellular networks. Therefore, one of the primary goals for the Future Internet is the design of mobility management schemes that overcome the issues in wireless networks such as handover and location management, multihoming, security, etc. In this thesis, we have proposed a mobility management solution in wireless networks in the context of ICN in general and in the context of Network of Information (NetInf) in particular. NetInf is ICN-based Future Internet architecture. We propose a NetInf Mobile Node (NetInf MN) architecture which is backward compatible with the current Internet architecture as well. This cross architecture design for mobility support works closely with Central Control Unit (CCU) (network entity) for improved performance in case of handover management in wireless networks. The Virtual Node Layer (VNL) algorithm explains how different modules of NetInf MN and CCU units work together. The game theoretical and Reinforcement Learning (CODIPAS-RL) scheme based mathematical model shows how handover management and data relaying in the wireless networks can increase the network coverage through cooperative diversity. Simulation results show that the proposed model achieves both Nash and Stackelberg equilibria where as the selected CODIPAS-RL scheme reaches global optimum. Finally, as a use case example of NetInf architecture, we propose the NetInf Email service that does not require dedicated servers or dedicated port unlike the current email service. The use of asymmetric keys as user's ID is the unique feature proposed for this service. The NetInf email service architecture framework presented, explains how different architectural components work together. We discuss different challenges and requirements related to this service. The prototype developed for the Network of Information will be used for the implementation of this service

Information Centric Network (ICN)

Network of Information (NetInf)

Gestion de la mobilité

Théorie des jeux

Equilibre de Nash

Equilibre de Stackelberg

Information Centric Network (ICN)

Network of Information (NetInf)

Mobility Management

Game Theory

Nash Equilibrium

Stackelberg Equilibrium

Forwarding Strategies in Information Centric Networking

Sadek, Ahmed

January 2016

The Internet of the 21th century is a different version from the original Internet. The Internet is becoming more and more a huge distribution network for large quantities of data (Photos, Music, and Video) with different types of connections and needs. TCP/IP the work horse for the Internet was intended as a vehicle to transport best effort Connection oriented data where the main focus is about transporting data from point A to point B regardless of the type of data or the nature of path.  Information Centric Networking (ICN) is a new paradigm shift in a networking where the focus in networking is shifted from the host address to the content name. The current TCP/IP model for transporting data depends on establishing an end to end connection between client and server. However, in ICN, the client requests the data by name and the request is handled by the network without the need to go each time to a fixed server address as each node in the network can serve data. ICN works on a hop by hop basis where each node have visibility over the content requested enabling it to take more sophisticated decisions in comparison to TCP/IP where the forwarding node take decisions based on the source and destination IP addresses. ICN have different implementations projects with different visions and one of those projects is Named Data Networking (NDN) and that’s what we use for our work. NDN/ICN architecture consists of different layers and one of those layers is the Forwarding Strategy (FS) layer which is responsible for deciding how to forward the coming request/response. In this thesis we implement and simulate three Forwarding Strategies (Best Face Selection, Round Robin, and Weighted Round Robin) and investigate how they can adapt to changes in link bandwidth with variable traffic rate. We performed a number of simulations using the ndnSIMv2.1 simulator. We concluded that Weighted Round Robin offers high throughput and reliability in comparison to the other two strategies. Also, the three strategies offer better reliability than using a single static face and offer lower cost than using the broadcast strategy. We also concluded that there is a need for a dynamic congestion control algorithm that takes into consideration the dynamic nature of ICN. / 2000-talets Internet är en annan version av det ursprungliga Internet. Internet blir mer och mer ett stort distributionsnät för stora mängder data (foton, musik och video) med olika typer av anslutningar och behov. TCP / IP är arbetshäst för Internet var tänkt som ett fordon för att transportera best effort Anslutning orienterade uppgifter där huvudfokus handlar om att transportera data från punkt A till punkt B, oavsett vilken typ av data eller vilken typ av väg. Information Centric Nätverk (ICN) är ett nytt paradigmskifte inom nätverk där fokus i nätverket flyttas från värdadressen till innehållets namn. Den aktuella TCP / IP-modellen för transport av data beror på att etablera en anslutning mellan klient och server (s.k. end-to-end). I ICN begär klienten data med namn och begäran hanteras av nätverket utan att behöva gå till en fix serveradress eftersom varje nod i nätverket kan besvara en begäran med data. ICN arbetar på en ”hop by hop” basis där varje nod har överblick över det begärda innehållet, vilket gör det möjligt att ta mer avancerade beslut i jämförelse med TCP / IP, där den vidarebefordrande nodens beslut fattas baserat på källans och destinationens IP-adresser. Det finns olika implementeringar av ICN med olika visioner och en av dessa implementeringar heter Named Data Networking (NDN) och det är vad vi använder för vårt arbete. NDNs / ICNs arkitektur består av olika lager och ett av dessa lager är Forwarding Strategies (FS) där vi definierar de åtgärder vi vidtar på varje begäran / svar. I detta projekt implementeras och simuleras tre Forwarding strategier (Best Face Selection, Round Robin, och Weighted Round Robin) och undersöks hur de kan anpassa sig till förändringar i länkbandbredd med konstant och variabel trafikhastigheten. Vi utfört ett antal simuleringar med hjälp av ndnSIMv2.1 simulatorn. Vi drog slutsatsen att Weighted Round Robin erbjuder hög genomströmning och tillförlitlighet i jämförelse med de två andra strategierna.  De tre strategierna erbjuder även högre tillförlitlighet än att använda ett enda statiskt  interface och erbjuder lägre kostnad än att använda broadcast strategin. Vi konstaterade också att det finns ett behov av en dynamisk ”congestion control”-algoritm som tar hänsyn till ICNs dynamiska karaktär.

Information Centric Networking (ICN)

Name Data Networks (NDN)

ndnSIM

Forwarding Strategies

Future Internet

Information Centric Nätverk (ICN)

Namn datanät (NDN)

ndnSIM

Forwarding strategier

framtidens Internet.

Engineering and Technology

Teknik och teknologier

Uma abordagem escalável para controle de acesso muitos para muitos em redes centradas de informação

Silva, Rafael Hansen da

January 2016

Um dos principais desafios em Redes Centradas em Informação (ICN) é como prover controle de acesso à publicação e recuperação de conteúdos. Apesar das potencialidades, as soluções existentes, geralmente, consideram um único usuário agindo como publicador. Ao lidar com múltiplos publicadores, elas podem levar a uma explosão combinatória de chaves criptográficas. As soluções projetadas visando a múltiplos publicadores, por sua vez, dependem de arquiteturas de redes específicas e/ou de mudanças nessas para operar. Nesta dissertação é proposta uma solução, apoiada em criptografia baseada em atributos, para controle de acesso a conteúdos. Nessa solução, o modelo de segurança é voltado a grupos de compartilhamento seguro, nos quais todos os usuários membros podem publicar e consumir conteúdos. Diferente de trabalhos anteriores, a solução proposta mantém o número de chaves proporcional ao de membros nos grupos e pode ser empregada em qualquer arquitetura ICN de forma gradual. A proposta é avaliada quanto ao custo de operação, à quantidade de chaves necessárias e à eficiência na disseminação de conteúdos. Em comparação às soluções existentes, ela oferece maior flexibilidade no controle de acesso, sem aumentar a complexidade do gerenciamento de chaves e sem causar sobrecustos significativos à rede. / One of the main challenges in Information-Centric Networking (ICN) is providing access control to content publication and retrieval. In spite of the potentialities, existing solutions often consider a single user acting as publisher. When dealing with multiple publishers, they may lead to a combinatorial explosion of cryptographic keys. Those solutions that focus on multiple publishers, on the other hand, rely on specific network architectures and/or changes to operate. In this dissertation, it is proposed a solution, supported by attribute-based encryption, for content access control. In this solution, the security model is focused on secure content distribution groups, in which any member user can publish to and retrieve from. Unlike previous work, the proposed solution keeps the number of cryptographic keys proportional to the number of group members, and may even be adopted gradually in any ICN architecture. The proposed solution is evaluated with respect to the overhead it imposes, number of required keys, and efficiency in the content dissemination. In contrast to existing solutions, it offers higher access control flexibility, without increasing key management process complexity and without causing significant network overhead.

Redes : Computadores

Gerencia : Redes : Computadores

Information-centric networking

Access control

Many-to-many publication and retrival

Attribute-based encryption

Uma abordagem escalável para controle de acesso muitos para muitos em redes centradas de informação

Silva, Rafael Hansen da

January 2016

Um dos principais desafios em Redes Centradas em Informação (ICN) é como prover controle de acesso à publicação e recuperação de conteúdos. Apesar das potencialidades, as soluções existentes, geralmente, consideram um único usuário agindo como publicador. Ao lidar com múltiplos publicadores, elas podem levar a uma explosão combinatória de chaves criptográficas. As soluções projetadas visando a múltiplos publicadores, por sua vez, dependem de arquiteturas de redes específicas e/ou de mudanças nessas para operar. Nesta dissertação é proposta uma solução, apoiada em criptografia baseada em atributos, para controle de acesso a conteúdos. Nessa solução, o modelo de segurança é voltado a grupos de compartilhamento seguro, nos quais todos os usuários membros podem publicar e consumir conteúdos. Diferente de trabalhos anteriores, a solução proposta mantém o número de chaves proporcional ao de membros nos grupos e pode ser empregada em qualquer arquitetura ICN de forma gradual. A proposta é avaliada quanto ao custo de operação, à quantidade de chaves necessárias e à eficiência na disseminação de conteúdos. Em comparação às soluções existentes, ela oferece maior flexibilidade no controle de acesso, sem aumentar a complexidade do gerenciamento de chaves e sem causar sobrecustos significativos à rede. / One of the main challenges in Information-Centric Networking (ICN) is providing access control to content publication and retrieval. In spite of the potentialities, existing solutions often consider a single user acting as publisher. When dealing with multiple publishers, they may lead to a combinatorial explosion of cryptographic keys. Those solutions that focus on multiple publishers, on the other hand, rely on specific network architectures and/or changes to operate. In this dissertation, it is proposed a solution, supported by attribute-based encryption, for content access control. In this solution, the security model is focused on secure content distribution groups, in which any member user can publish to and retrieve from. Unlike previous work, the proposed solution keeps the number of cryptographic keys proportional to the number of group members, and may even be adopted gradually in any ICN architecture. The proposed solution is evaluated with respect to the overhead it imposes, number of required keys, and efficiency in the content dissemination. In contrast to existing solutions, it offers higher access control flexibility, without increasing key management process complexity and without causing significant network overhead.

Redes : Computadores

Gerencia : Redes : Computadores

Information-centric networking

Access control

Many-to-many publication and retrival

Attribute-based encryption

Uma abordagem escalável para controle de acesso muitos para muitos em redes centradas de informação

Silva, Rafael Hansen da

January 2016

Um dos principais desafios em Redes Centradas em Informação (ICN) é como prover controle de acesso à publicação e recuperação de conteúdos. Apesar das potencialidades, as soluções existentes, geralmente, consideram um único usuário agindo como publicador. Ao lidar com múltiplos publicadores, elas podem levar a uma explosão combinatória de chaves criptográficas. As soluções projetadas visando a múltiplos publicadores, por sua vez, dependem de arquiteturas de redes específicas e/ou de mudanças nessas para operar. Nesta dissertação é proposta uma solução, apoiada em criptografia baseada em atributos, para controle de acesso a conteúdos. Nessa solução, o modelo de segurança é voltado a grupos de compartilhamento seguro, nos quais todos os usuários membros podem publicar e consumir conteúdos. Diferente de trabalhos anteriores, a solução proposta mantém o número de chaves proporcional ao de membros nos grupos e pode ser empregada em qualquer arquitetura ICN de forma gradual. A proposta é avaliada quanto ao custo de operação, à quantidade de chaves necessárias e à eficiência na disseminação de conteúdos. Em comparação às soluções existentes, ela oferece maior flexibilidade no controle de acesso, sem aumentar a complexidade do gerenciamento de chaves e sem causar sobrecustos significativos à rede. / One of the main challenges in Information-Centric Networking (ICN) is providing access control to content publication and retrieval. In spite of the potentialities, existing solutions often consider a single user acting as publisher. When dealing with multiple publishers, they may lead to a combinatorial explosion of cryptographic keys. Those solutions that focus on multiple publishers, on the other hand, rely on specific network architectures and/or changes to operate. In this dissertation, it is proposed a solution, supported by attribute-based encryption, for content access control. In this solution, the security model is focused on secure content distribution groups, in which any member user can publish to and retrieve from. Unlike previous work, the proposed solution keeps the number of cryptographic keys proportional to the number of group members, and may even be adopted gradually in any ICN architecture. The proposed solution is evaluated with respect to the overhead it imposes, number of required keys, and efficiency in the content dissemination. In contrast to existing solutions, it offers higher access control flexibility, without increasing key management process complexity and without causing significant network overhead.

Redes : Computadores

Gerencia : Redes : Computadores

Information-centric networking

Access control

Many-to-many publication and retrival

Attribute-based encryption