Capabilities for Distributed Authorization in Information-Centric   Networking

Jens Finkh\"auser

arXiv:2308.04140·cs.DC·August 9, 2023

Capabilities for Distributed Authorization in Information-Centric Networking

Jens Finkh\"auser

PDF

Open Access 1 Repo

TL;DR

This paper proposes a fully distributed, capability-based authorization scheme tailored for Information-Centric Networking (ICN) architectures, aiming to improve trust and security without centralization.

Contribution

It introduces a novel, generalized authorization scheme that integrates seamlessly into ICN, enhancing security and reducing vulnerability to denial-of-service attacks.

Findings

01

The scheme fits well within ICN architectures.

02

It improves trust models in distributed networks.

03

It mitigates certain denial-of-service attack vectors.

Abstract

Authorization currently introduces partial centralization in otherwise distributed network architectures, such as ICN approaches. Analyzing existing work in (partially) distributed authentication and authorization, and rearranging proven methods, this paper introduces a generalized, capability based and fully distributed authorization scheme. It argues that such a scheme can fit neatly into ICN architectures in order to enhance the trust model and mitigate against certain classes of denial-of-service attacks. Keywords: authorization, distributed systems security, ICN

Peer Reviews

No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.

Code & Models

Repositories

https://codeberg.org/interpeer/caprock
noneOfficial

Videos

No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.

Taxonomy

TopicsCaching and Content Delivery · Cloud Data Security Solutions · Access Control and Trust