{"title":"NDNCERT: NDN通用可用信任管理","authors":"Zhiyi Zhang, A. Afanasyev, Lixia Zhang","doi":"10.1145/3125719.3132090","DOIUrl":null,"url":null,"abstract":"The Named Data Networking (NDN) architecture builds the security primitives into the network layer: all retrieved data packets must be signed to ensure their integrity authenticity and provenance. To ensure that these primitives are used in a meaningful way without imposing undue burdens on NDN users, the management of cryptographic keys and certificates needs to work in a simple, secure, and user-friendly way. This poster introduces the NDN Trust Management system (NDNCERT) which is designed to fill this need. NDNCERT provides flexible mechanisms to delegate trust between certificates, either within a single device (managing permissions for local applications on a node to operate under a given namespace) or across devices/entities. NDNCERT features a modular design for security challenges that establish trust through out-of-band means for certificate issuing. Once a node or an application obtains a valid certificate for its namespace (or being configured with a self-signed certificate), it automatically becomes a certificate authority for its namespace, and can use the same NDNCERT protocol to produce certificates for the sub-namespaces.","PeriodicalId":394653,"journal":{"name":"Proceedings of the 4th ACM Conference on Information-Centric Networking","volume":"5 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2017-09-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"18","resultStr":"{\"title\":\"NDNCERT: universal usable trust management for NDN\",\"authors\":\"Zhiyi Zhang, A. Afanasyev, Lixia Zhang\",\"doi\":\"10.1145/3125719.3132090\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The Named Data Networking (NDN) architecture builds the security primitives into the network layer: all retrieved data packets must be signed to ensure their integrity authenticity and provenance. To ensure that these primitives are used in a meaningful way without imposing undue burdens on NDN users, the management of cryptographic keys and certificates needs to work in a simple, secure, and user-friendly way. This poster introduces the NDN Trust Management system (NDNCERT) which is designed to fill this need. NDNCERT provides flexible mechanisms to delegate trust between certificates, either within a single device (managing permissions for local applications on a node to operate under a given namespace) or across devices/entities. NDNCERT features a modular design for security challenges that establish trust through out-of-band means for certificate issuing. Once a node or an application obtains a valid certificate for its namespace (or being configured with a self-signed certificate), it automatically becomes a certificate authority for its namespace, and can use the same NDNCERT protocol to produce certificates for the sub-namespaces.\",\"PeriodicalId\":394653,\"journal\":{\"name\":\"Proceedings of the 4th ACM Conference on Information-Centric Networking\",\"volume\":\"5 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2017-09-26\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"18\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings of the 4th ACM Conference on Information-Centric Networking\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/3125719.3132090\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 4th ACM Conference on Information-Centric Networking","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3125719.3132090","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
NDNCERT: universal usable trust management for NDN
The Named Data Networking (NDN) architecture builds the security primitives into the network layer: all retrieved data packets must be signed to ensure their integrity authenticity and provenance. To ensure that these primitives are used in a meaningful way without imposing undue burdens on NDN users, the management of cryptographic keys and certificates needs to work in a simple, secure, and user-friendly way. This poster introduces the NDN Trust Management system (NDNCERT) which is designed to fill this need. NDNCERT provides flexible mechanisms to delegate trust between certificates, either within a single device (managing permissions for local applications on a node to operate under a given namespace) or across devices/entities. NDNCERT features a modular design for security challenges that establish trust through out-of-band means for certificate issuing. Once a node or an application obtains a valid certificate for its namespace (or being configured with a self-signed certificate), it automatically becomes a certificate authority for its namespace, and can use the same NDNCERT protocol to produce certificates for the sub-namespaces.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
