Abstract
In this article, we consider security aspects of online meeting applications based on protocols such as WebRTC that leverage the Information-centric Networking (ICN) architecture to make the system fundamentally more scalable. While the scalability properties provided by ICN have been proved in recent literature, the security challenges and implications for real-time applications have not been reviewed. We show that this class of applications can benefit from strong security and scalability jointly, without any major tradeoff and with significant performance improvements over traditional WebRTC systems. To achieve this goal, some modifications must be made to the way the current ICN architecture verifies integrity and authentication. An extensive performance analysis of the architecture, based on the open source implementation of Hybrid-ICN, proves that real-time applications can greatly benefit from this novel network architecture in terms of strong security and scalable communications.
Securing Scalable Real-time Multiparty Communications with Hybrid Information-centric Networking