Visible to the public Access-Controlled In-Network Processing of Named Data

TitleAccess-Controlled In-Network Processing of Named Data
Publication TypeConference Paper
Year of Publication2016
AuthorsMarxer, Claudio, Scherb, Christopher, Tschudin, Christian
Conference NameProceedings of the 3rd ACM Conference on Information-Centric Networking
PublisherACM
Conference LocationNew York, NY, USA
ISBN Number978-1-4503-4467-8
KeywordsAccess Control, content centric networking, in-network computation, information centric networking, Information Centric Networks, named data networking, named function networking, privacy, pubcrawl, Resiliency, Scalability, security
Abstract

In content-based security, encrypted content as well as wrapped access keys are made freely available by an Information Centric Network: Only those clients which are able to unwrap the encryption key can access the protected content. In this paper we extend this model to computation chains where derived data (e.g. produced by a Named Function Network) also has to comply to the content-based security approach. A central problem to solve is the synchronized on-demand publishing of encrypted results and wrapped keys as well as defining the set of consumers which are authorized to access the derived data. In this paper we introduce "content-attendant policies" and report on a running prototype that demonstrates how to enforce data owner-defined access control policies despite fully decentralized and arbitrarily long computation chains.

URLhttp://doi.acm.org/10.1145/2984356.2984366
DOI10.1145/2984356.2984366
Citation Keymarxer_access-controlled_2016