Security and Privacy Challenges in Content-Centric Networks
- Author(s): Wood, Christopher Alphonse
- Advisor(s): Tsudik, Gene
- et al.
Today's Internet is aging. Connections are point-to-point and increasingly
protected by end-to-end encryption. This reduces security to data transport
instead of data itself. Content-Centric Networking (CCN) is a paradigm
shift away from this host- and channel-based design. CCN is an
architecture for naming, securing, and transferring named data from
producers to consumers upon request.
Consumers issue interests for named content. Routers forward interests towards
producers capable of providing authentic content with cryptographic
name-to-data bindings. Once found, routers forward content, in reverse,
towards consumers. Routers may also choose to cache content to serve duplicate
future interests. Object security, native authenticity, pull-based data
transfer, flow symmetry, and in-network services are among the notable
characteristics of CCN. In this dissertation, we study security and privacy
issues that stem from these architectural properties. Specifically, we study
variations and facets of access control, privacy risks and remedies, and
network-layer availability attacks and architectural mitigations. For each issue,
we describe the problem in detail and explain several countermeasures. We also present
detailed analyses and experimental assessments for each approach. We find that
sound engineering can mitigate several issues, while others remain insurmountable
challenges exacerbated by fundamental security and performance tradeoffs made by CCN.