[IEEE 2013 12th Annual Mediterranean Ad Hoc Networking Workshop (MED-HOC-NET) - Ajaccio, France (2013.06.24-2013.06.26)] 2013 12th Annual Mediterranean Ad Hoc Networking Workshop (MED-HOC-NET) - Social network based security scheme in mobile information-centric network

Download [IEEE 2013 12th Annual Mediterranean Ad Hoc Networking Workshop (MED-HOC-NET) - Ajaccio, France (2013.06.24-2013.06.26)] 2013 12th Annual Mediterranean Ad Hoc Networking Workshop (MED-HOC-NET) - Social network based security scheme in mobile information-centric network

Post on 30-Jan-2017

217 views

Category:

Documents

5 download

Embed Size (px)

TRANSCRIPT

  • Social Network Based Security Scheme in Mobile Information-Centric Network

    You Lu, Zhiyang Wang, Yu-Ting Yu, Ruolin Fan, Mario Gerla

    Department of Computer Science University of California, Los Angeles

    Los Angeles, CA 90095, USA {youlu, seanwangsk, yutingyu, ruolinfan, gerla}@cs.ucla.edu

    AbstractWith the spread of mobile Internet, users have increased opportunities to retrieve content from the content producer via the application in mobile information-centric network. For security consideration, the content data must be encrypted and the content producer must be authenticated. Content data is signed by the producer and delivered to the requester via the public-key cryptography. A Certificate Authority (CA) generally verifies the binding between public-key and the producer identity. However, CA verification is not suitable in a mobile information-centric network where connection to a CA cannot be guaranteed. In this paper, we propose a social network based security scheme to verify the public-key and producer identity binding. The proposed scheme is evaluated on an artificial social network model first and is then validated on a real social network data.

    Keywordssecurity; social network; information-centric network

    I. INTRODUCTION With the development of mobile ad hoc network,

    people have easy access to their interesting information using mobile devices. The growing requirement of the content retrieval has created increasing attention to information-centric networks (ICNs) in both academia and industry.

    ICN is designed for content data search and retrieval, offering an alternative approach to IP-based computer networking. In ICN, users focus on the content they are interested in. They need not know where this content is stored and by whom it is carried. Each content data is identified by a unique name from the hierarchical naming scheme. The content retrieval follows the query-reply mode. Content requester spreads his Interest packet through the network. When matching content is found either in the content producer or at an intermediate content cache server, the content data will trace its way back to the content request along the reversed route of the incoming Interest. Several existing ICN proposals have been studied and implemented in Internet and MANET test beds. CCN

    [1] and NDN [2] are two popular designs for the ICN implementation in Internet. Vehicle-NDN [3] and MANET-CCN [4] are two examples of the ICN architecture in mobile ad hoc network, and address the mobility challenge in content retrieval.

    Since the purpose of ICN is to obtain the content data requested by the requester, there is a growing motivation to validate the content received from other users to avoid security breaches. For example, a malicious intermediate node may penetrate security and replace parts of the message content in a multi-hop wireless network. This is known as the man in the middle attack. In other scenarios, attackers may impersonate the sender, etc.

    Security consideration for the ICN application mainly contains two aspects, the trust of the content producer and the integrity of the data. The trust authentication scheme [5] answers the question of how trustworthy the content producer is. The existing public-key cryptography [6] and PKI [7] schemes can be used in ICN to provide adequate security.

    Public-key cryptography refers to a cryptographic system requiring two separate keys, one of which is secret and one of which is public. Although different, the two parts of the key pair are mathematically linked. The public key may be published without compromising security, while the private key must not be revealed to anyone not authorized to read the messages.

    The Public-Key Infrastructure (PKI) system is used to verify the binding relationship between the public-key and the user identity in public-key cryptography scheme. However, the current PKI scheme has been considered inefficient, unusable and difficult to deploy, especially for the mobile application scenario. For example, in the application scenario of vehicular network without any infrastructure, the PKI service is unusable. Mobile ICN needs a more flexible and usable mechanism to verify the binding relationship of the user identity and public-key.

    978-1-4799-1004-5/13/$31.00 2013 IEEE

    2013 12th Annual Mediterranean Ad Hoc Networking Workshop (MED-HOC-NET)

    1

  • In this paper, we propose a social network based security scheme to solve both authenticity and integrity problem for the mobile information-centric network application. Our scheme allows user to verify the content producer identity and its public-key binding relationship by retrieving the identity bundle from a trust social network. We evaluate the scheme in a large social network and report its performance in terms of scalability and practicability.

    The rest of the paper is organized as follows. Related work is briefly reviewed in section II. The proposed security scheme is described in section III. Experiment results are presented in section IV. Conclusions follow in section V.

    II. RELATED WORKS In this section, we review the general idea of

    information-centric network, and discuss its security consideration in ICN in terms of the public-key cryptography and PKI scheme.

    A. Information-Centric Network Information-centric network is an alternative approach

    to the architecture of IP-based computer networks. The basic principle is that user only needs to focus on his interested content data, rather than having to reference a specific, physical location where that data is to be retrieved from. ICN differs from IP-based routing in three aspects. First, all content is identified or named by the hierarchical naming scheme. Name becomes the object of request. Second, carefully designed caching system among the entire network helps the content distribution and provides the native features to support many applications, e.g., multicast. Third, the packet communication follows the form of query-reply mode. User (content requester) spreads his interested content name in the Interest packet to the network. When one Interest packet hits the content name in intermediate cache server or the media server (content producer), the content data packets will be forwarded back to the content requester along the reversed route of the incoming Interest.

    A number of previous studies focused on the ICN with high level architectures and provided sketches of the required components. Content-Centric Network (CCN) [1] and Named Data Network (NDN) [2] are two well-known proposals for the ICN implementation in Internet. Their components including FIT, PIT, and Content Store form the caching and forwarding system for the content data transmission in the Internet application. Meanwhile, several mobile ICN architectures have been proposed for the mobile ad hoc scenario, e.g., Vehicle-NDN [3] for the traffic information dissemination in vehicular networks, and MANET-CCN [4] for the tactical and emergency application in MANETs.

    Communication in ICN is driven by the receiving end, i.e., the data requester. To receive data, a requester sends out an Interest packet, which carries a name that identifies the desired data, as shown in Figure 1. For example, a requester may request /parc/videos/WidgetA.mpg. A router remembers the interface from which the request comes in, and then forwards the Interest packet by looking up the name in its Forwarding Information Base (FIB), which is populated by a name-based routing protocol. Once the Interest reaches a node that has the requested data, a Data packet is sent back, which carries both the name and the content of the data, together with a signature by the producers key, as shown in Figure 1. This Data packet traces in reverse the path created by the Interest packet back to the requester. Note that neither Interest nor Data packets carry any host or interface addresses (such as IP addresses); Interest packets are routed towards data producers based on the names carried in the Interest packets, and Data packets are returned based on the state information set up by the Interests at each router hop, as shown in Figure 2.

    Figure 1. Packets in ICN.

    Figure 2. Forwarding process in an ICN node.

    ICN routers keep both Interests and Data for some period of time. When multiple Interests for the same data are received from downstream, only the first Interest is sent upstream towards the data source. The router then stores the Interest in the Pending Interest Table (PIT), where each entry contains the name of the Interest and a set of interfaces from which the matching Interests have

    2013 12th Annual Mediterranean Ad Hoc Networking Workshop (MED-HOC-NET)

    2

  • been received. When the Data packet arrives, the router finds the matching PIT entry and forwards the data to all the interfaces listed in the PIT entry. The router then removes the corresponding PIT entry, and caches the Data in the Content Store, which is basically the routers buffer memory subject to a cache replacement policy. Data takes the exact same path as the Interest that solicited it, but in the reverse direction. One Data satisfies one Interest across each hop, achieving hop-by-hop flow balance.

    To assure the authenticity and integrity of data, the consumer must trust the host who holds the data, and use secure mechanisms to identity, locate, and retrieve data from that host. Securing data directly reduces the trust we must place in network intermediaries. Applications communicating by names can seal data by the original producer at creation time. This leaves only one problem to solve: securing the link between a name and its content. ICN uses application data names to make data available as a mapping triple, as shown in (1), where is the content name, is the content data, and is the signature signed by the content producer.

    (1)

    In ICN, security is built into data itself, rather than being a function of where, or how, it is obtained. Each piece of data is signed together with its name, securely binding them. Data signatures are mandatory. The signature, coupled with data publisher information, enables determination of data provenance, allowing the consumers trust in data to be decoupled from how (and from where) data is obtained. It also supports fine-grained trust, allowing consumers to reason about whether a public key owner is an acceptable publisher for a particular piece of data in a specific context.

    B. Public-Key Cryptography The existing public-key cryptography and PKI

    schemes can be used in ICN to secure the data transmission.

    Public-key cryptography uses asymmetric key algorithms and can also be referred to by the more generic term "asymmetric key cryptography." The algorithms used for public key cryptography are based on mathematical relationships (the most notable ones being the integer factorization and discrete logarithm problems) that presumably have no efficient solution. Although it is computationally easy for the intended recipient to use its private key to decrypt the message, and it is easy for the sender to encrypt the message using the public key, it is practically impossible for anyone to derive the private key, based only on their knowledge of the public key. This is why, unlike symmetric key algorithms, a public key algorithm does not require a secure initial exchange of one (or more) secret keys between the sender and receiver. The

    use of these algorithms also allows the authenticity of a message to be checked by creating a digital signature of the message using the private key, which can then be verified by using the public key. In practice, only a hash of the message is typically encrypted for signature verification purposes.

    C. PKI The Public-Key Infrastructure (PKI) system is used to

    verify the public-key and the user identity binding relationship in public-key cryptography scheme.

    A public-key infrastructure (PKI) is a system for the creation, storage, and distribution of digital certificates which are used to verify that a particular public key belongs to a certain entity. The PKI creates digital certificates which map public keys to entities, securely stores these certificates in a central repository, and revokes them if needed. In cryptography, a PKI is an arrangement that binds public keys with respective user identities by means of a certificate authority (CA). The user identity must be unique within each CA domain. The binding is established through the registration and issuance process, which, depending on the level of assurance the binding has, may be carried out by software at a CA, or under human supervision. The PKI role that assures this binding is called the Registration Authority (RA). The RA ensures that the public key is bound to the individual to which it is assigned in a way that ensures non-repudiation. Generally, a PKI system consists of the following five components: 1) A certificate authority (CA) that both issues and verifies the digital certificates. 2) A registration authority which verifies the identity of users requesting information from the CA. 3) A central directory, i.e., a secure location in which to store and index keys. 4) A certificate management system. 5) A certificate policy.

    However, the current PKI scheme has some disadvantages. The centralized design of PKI system suffers from single point failure, traffic congestion, and triangle routing problems. Moreover, for the mobile application scenario, the implementation of PKI scheme is very expensive to deploy and maintain. Therefore, ICN needs a more flexible and usable mechanisms to verify the public-key and identity than the PKI scheme. Some key management methods have been proposed which have no need of PKI, such as the group key management and disclosure scheme [8]. And the web of trust [9] is also considered as no PKI system. But they are not suitable for the mobile ICN content retrieval.

    [5] describes a social network based trust authentication scheme which utilize the social relationship to propagate the trust score to determine it is trustworthy or not. We are inspired that the social network can also be used in the key distribution system. In next section, we

    2013 12th Annual Mediterranean Ad Hoc Networking Workshop (MED-HOC-NET)

    3

  • describe the proposed social network based security scheme to solve this authenticity and integrity problem.

    III. PROTOCOL DESIGN In this section, we propose a social network based

    security scheme. The goal is to provide a public-key and identity binding method protected by the public key cryptography based on the social trust graph.

    A. Assumptions Each user can generate his initial identity bundle.

    The social graph is a connected graph, in which each node is connected to any other node directly or indirectly. We cannot propagate the identity bundle of an isolated node since there is no route to reach it from other users.

    Trust definition:...

Recommended

View more >