English

NAC: Automating Access Control via Named Data

Networking and Internet Architecture 2021-06-15 v1

Abstract

In this paper we present the design of Name-based Access Control (NAC) scheme, which supports data confidentiality and access control in Named Data Networking (NDN) architecture by encrypting content at the time of production, and by automating the distribution of encryption and decryption keys. NAC achieves the above design goals by leveraging specially crafted NDN naming conventions to define and enforce access control policies, and to automate the cryptographic key management. The paper also explains how NDN's hierarchically structured namespace allows NAC to support fine-grained access control policies, and how NDN's Interest-Data exchange can help NAC to function in case of intermittent connectivity. Moreover, we show that NAC design can be further extended to support Attribute-based Encryption (ABE), which supports access control with additional levels of flexibility and scalability.

Keywords

Cite

@article{arxiv.1902.09714,
  title  = {NAC: Automating Access Control via Named Data},
  author = {Zhiyi Zhang and Yingdi Yu and Sanjeev Kaushik Ramani and Alex Afanasyev and Lixia Zhang},
  journal= {arXiv preprint arXiv:1902.09714},
  year   = {2021}
}

Comments

Originally published in MILCOM 2018. This version includes some writing improvements

R2 v1 2026-06-23T07:51:09.513Z