Access control enforcement delegation for information-centric networking architectures

Authors:
Nikos Fotiou;Giannis F. Marias;George C. Polyzos
Affiliations:
Athens University of Economics and Business, Athens, Greece;Athens University of Economics and Business, Athens, Greece;Athens University of Economics and Business, Athens, Greece
Venue:
Proceedings of the second edition of the ICN workshop on Information-centric networking
Year:
2012

Citing 10
Cited 0

OpenID 2.0: a platform for user-centric identity management

Proceedings of the second ACM workshop on Digital identity management
Attribute-based encryption for fine-grained access control of encrypted data

Proceedings of the 13th ACM conference on Computer and communications security
Decentralized access control in distributed file systems

ACM Computing Surveys (CSUR)
Privacy-Aware Role-Based Access Control

IEEE Security and Privacy
A card requirements language enabling privacy-preserving access control

Proceedings of the 15th ACM symposium on Access control models and technologies
Achieving secure, scalable, and fine-grained data access control in cloud computing

INFOCOM'10 Proceedings of the 29th conference on Information communications
Enabling Privacy-preserving Credential-based Access Control with XACML and SAML

CIT '10 Proceedings of the 2010 10th IEEE International Conference on Computer and Information Technology
Towards a secure rendezvous network for future publish/subscribe architectures

FIS'10 Proceedings of the Third future internet conference on Future internet
Naming in content-oriented architectures

Proceedings of the ACM SIGCOMM workshop on Information-centric networking
Signing Me onto Your Accounts through Facebook and Google: A Traffic-Guided Security Study of Commercially Deployed Single-Sign-On Web Services

SP '12 Proceedings of the 2012 IEEE Symposium on Security and Privacy

Quantified Score

Hi-index	0.00

Visualization

Abstract

Information is the building block of Information Centric Networks (ICNs). Access control policies limit information dissemination to authorized entities only. Defining access control policies in an ICN is a non-trivial task as an information item may exist in multiple copies dispersed in various network locations, including caches and content replication servers. In this paper we propose an access control enforcement delegation scheme which enables the purveyor of an information item to evaluate a request against an access control policy, without having access to the requestor credentials nor to the actual definition of the policy. Such an approach has multiple merits: it enables the interoperability of various stakeholders, it protects user identity and it can set the basis for a privacy preserving mechanism. An implementation of our scheme supports its feasibility.