Session-based access control in information-centric networks: Design and analyses

Information-Centric Networking (ICN) has been proposed recently to improve the efficiency of content delivery in current IP networks. ICN employs data names, instead of host addresses, as routing and forwarding indicators. Content in the ICN carries only signature of the content provider but does not contain the identity of the content consumer by default. Such information is, however, essential for many of the web applications, such as email, online social networking, online game, e-commerce, and other session-based web services. In this paper, we propose a session-based access control (SAC) mechanism for ICN scenario to bridge the gap. Key distribution protocols are designed to protect the confidentiality of the content during information delivery. We also employ a dynamic naming scheme to enhance user privacy. According to security analysis, our access control mechanism can provide communication security and privacy protection for both sides of the session. Our design can be easily applied to session-based applications in ICN with negligible overhead.