Information-Centric Networking is an emerging alternative to host-centric networking designed for large-scale content distribution and stricter privacy requirements. Recent research on Information-Centric Networking focused on the protection of the network from attacks targeting the content delivery protocols, while assuming genuine content can always be retrieved from trustworthy nodes. In this paper, we depart from the assumption of the trustworthiness of network nodes and propose a novel certification methodology for information-centric networks that supports continuous security verification of non-functional properties. Our methodology provides a complete and detailed view of the network security status, increasing the trustworthiness of the network and its services. The proposed approach builds on an enhanced certification model capturing the evolution of the system over time. It also defines certification services that fully integrate with existing networks to collect evidence on the target of certification and carry out the certification process. It finally proposes two certification processes, centralized and decentralized, balancing the impact on the network and the system performance. Efficiency, performance, and soundness of our approach are experimentally evaluated in a simulated Named Data Networking (NDN) network targeting property availability.

A security certification scheme for Information-Centric Networks / M. Anisetti, C.A. Ardagna, F. Berto, E. Damiani. - In: IEEE TRANSACTIONS ON NETWORK AND SERVICE MANAGEMENT. - ISSN 1932-4537. - 19:3(2022 Sep), pp. 2397-2408. [10.1109/TNSM.2022.3165144]

A security certification scheme for Information-Centric Networks

M. Anisetti
Primo
;
C.A. Ardagna
Secondo
;
F. Berto
Penultimo
;
E. Damiani
Ultimo
2022

Abstract

Information-Centric Networking is an emerging alternative to host-centric networking designed for large-scale content distribution and stricter privacy requirements. Recent research on Information-Centric Networking focused on the protection of the network from attacks targeting the content delivery protocols, while assuming genuine content can always be retrieved from trustworthy nodes. In this paper, we depart from the assumption of the trustworthiness of network nodes and propose a novel certification methodology for information-centric networks that supports continuous security verification of non-functional properties. Our methodology provides a complete and detailed view of the network security status, increasing the trustworthiness of the network and its services. The proposed approach builds on an enhanced certification model capturing the evolution of the system over time. It also defines certification services that fully integrate with existing networks to collect evidence on the target of certification and carry out the certification process. It finally proposes two certification processes, centralized and decentralized, balancing the impact on the network and the system performance. Efficiency, performance, and soundness of our approach are experimentally evaluated in a simulated Named Data Networking (NDN) network targeting property availability.
English
assurance; certification; Information-Centric Networking; named data networking; security
Settore INF/01 - Informatica
Articolo
Esperti anonimi
Ricerca di base
Pubblicazione scientifica
   Cyber security cOmpeteNce fOr Research anD Innovation (CONCORDIA)
   CONCORDIA
   EUROPEAN COMMISSION
   H2020
   830927

   PIANO DI SOSTEGNO ALLA RICERCA 2015-2017 - LINEA 2 "DOTAZIONE ANNUALE PER ATTIVITA' ISTITUZIONALE"
set-2022
6-apr-2022
Institute of Electrical and Electronics Engineers (IEEE)
19
3
2397
2408
2408
Pubblicato
Periodico con rilevanza internazionale
crossref
Aderisco
info:eu-repo/semantics/article
A security certification scheme for Information-Centric Networks / M. Anisetti, C.A. Ardagna, F. Berto, E. Damiani. - In: IEEE TRANSACTIONS ON NETWORK AND SERVICE MANAGEMENT. - ISSN 1932-4537. - 19:3(2022 Sep), pp. 2397-2408. [10.1109/TNSM.2022.3165144]
partially_open
Prodotti della ricerca::01 - Articolo su periodico
4
262
Article (author)
Periodico con Impact Factor
M. Anisetti, C.A. Ardagna, F. Berto, E. Damiani
File in questo prodotto:
File Dimensione Formato  
pub_main.pdf

accesso aperto

Tipologia: Post-print, accepted manuscript ecc. (versione accettata dall'editore)
Dimensione 1.15 MB
Formato Adobe PDF
1.15 MB Adobe PDF Visualizza/Apri
paper.pdf

accesso aperto

Tipologia: Pre-print (manoscritto inviato all'editore)
Dimensione 1.11 MB
Formato Adobe PDF
1.11 MB Adobe PDF Visualizza/Apri
A_Security_Certification_Scheme_for_Information-Centric_Networks.pdf

accesso riservato

Tipologia: Publisher's version/PDF
Dimensione 1.2 MB
Formato Adobe PDF
1.2 MB Adobe PDF   Visualizza/Apri   Richiedi una copia
Pubblicazioni consigliate

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/2434/921233
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 5
  • ???jsp.display-item.citation.isi??? 3
social impact