An Overview of Security Support in Named Data Networking
NDN Technical Report, NDN-0057, Revision 3 (June 12, 2018)
by Zhiyi Zhang, Yingdi Yu, Haitao Zhang, Eric Newberry, Spyridon Mastorakis, Yanbiao Li, Alexander Afanasyev, and Lixia Zhang
This paper presents an overview of the security mechanisms in the Named Data Networking (NDN) architecture that have been developed over the past several years. NDN changes the network communication model from the delivery of packets between hosts identified by IP addresses to the retrieval of named and secured data packets. Consequently, NDN also fundamentally changes the approaches to network security. Making named data the centerpiece of the architecture leads to a new security framework that: (i) secures data directly, and (ii) uses name semantics to enable applications to reason about security, and to automate the use of cryptographic keys. In this paper, we introduce NDN’s approach to security bootstrapping, data authenticity, integrity, confidentiality, and availability.