research-article

A policy-driven approach to access control in future internet name resolution services

Authors:

Janne LindqvistAuthors Info & Claims

MobiArch '14: Proceedings of the 9th ACM workshop on Mobility in the evolving internet architecture

Pages 7 - 12

https://doi.org/10.1145/2645892.2645897

Published: 11 September 2014 Publication History

Abstract

The lack of access control and regulation in the current Internet has resulted in many security and privacy problems. To prevent unauthorized access to protected information, integrating access control into future Internet design is crucial. In this paper, a suite of access control mechanisms that are well-suited for the mobile Internet are introduced. We employ a representative future Internet architecture that is currently being developed as a part of a clean slate design effort. The emphasis of the proposed methods is on supporting new spatio-temporal access control, which can be a powerful new paradigm for security in mobile systems.

References

[1]

eXpressive Internet Architecture. http://www.cs.cmu.edu/~./xia/.

[2]

MobilityFirst Future Internet Architecture Project. http://mobilityfirst.winlab.rutgers.edu/.

[3]

Named Data Networking. http://named-data.net/.

[4]

Nebula Future Internet Architecture Project. http://nebula-fia.org.

[5]

eXtensible Access Control Markup language (XACML) version 3.0, 2013. http://docs.oasis-open.org/xacml/3.0/xacml-3.0-core-spec-os-en.pdf.

[6]

D. G. Andersen, H. Balakrishnan, N. Feamster, T. Koponen, D. Moon, and S. Shenker. Accountable Internet Protocol (AIP). In ACM SIGCOMM, 2008.

Digital Library

[7]

M. Caesar, T. Condie, J. Kannan, K. Lakshminarayanan, and I. Stoica. ROFL: routing on flat labels. In ACM SIGCOMM Computer Communication Review, 2006.

Digital Library

[8]

A. Chander, J. C. Mitchell, and D. Dean. A state-transition model of trust management and access control. In CSFW, 2001.

Digital Library

[9]

S. Chen, Y. Zhang, and W. Trappe. Inverting sensor networks and actuating the environment for spatio-temporal access control. In Proc. 4th ACM SASN, 2006.

Digital Library

[10]

D. Han, A. Anand, F. Dogar, B. Li, H. Lim, M. Machado, A. Mukundan, W. Wu, A. Akella, D. G. Andersen, et al. Xia: Efficient support for evolvable internetworking. Proc. 9th Usenix NSDI, 2012.

Digital Library

[11]

L. Lamport. Password authentication with insecure communication. Communications of the ACM, 1981.

Digital Library

[12]

V. Liu, S. Han, A. Krishnamurthy, and T. Anderson. Tor instead of IP. In Proc. 10th ACM HotNets, 2011.

Digital Library

[13]

X. Liu, W. Trappe, and Y. Zhang. Secure name resolution for identifier-to-locator mappings in the global internet. In Proc. 22nd ICCCN, 2013.

[14]

R. Moskowitz and P. Nikander. Host Identity Protocol (HIP) Architecture. IETF Internet Standard, RFC 4423, 2006.

[15]

B. C. Neuman and T. Ts'o. Kerberos: An authentication service for computer networks. Communications Magazine, IEEE, 1994.

Digital Library

[16]

C. Perkins. IP mobility support for IPv4, revised. IETF Internet Standard, RFC 5944, 2010.

[17]

I. Ray and M. Toahchoodee. A spatio-temporal role-based access control model. Springer Berlin Heidelberg, 2007.

[18]

A. C. Snoeren and H. Balakrishnan. An end-to-end approach to host mobility. In Proc. 6th MobiCom. ACM, 2000.

Digital Library

[19]

T. Vu, A. Baid, Y. Zhang, T. Nguyen, J. Fukuyama, R. Martin, and D. Raychaudhuri. Dmap: A shared hosting scheme for dynamic identifier to locator mappings in the global internet. In Proc. 32nd ICDCS, 2012.

Digital Library

[20]

T. Y. Woo and S. S. Lam. Authentication for distributed systems. Computer, 1992.

Digital Library

Cited By

Choudhury SMukherjee SKarimi PRaychaudhuri D(2024)nCore: Clean Slate Next-G Mobile Core Network Architecture for Scalability and Low LatencyNetwork Security Empowered by Artificial Intelligence10.1007/978-3-031-53510-9_1(3-24)Online publication date: 24-Feb-2024
https://doi.org/10.1007/978-3-031-53510-9_1
Vijaya Kumar VDevi MVishnu Raja PKanmani PPriya VSudhakar SKrishnamoorthy S(2020)Design of Peer-to-Peer Protocol with Sensible and Secure IoT Communication for Future Internet ArchitectureMicroprocessors and Microsystems10.1016/j.micpro.2020.103216(103216)Online publication date: Aug-2020
https://doi.org/10.1016/j.micpro.2020.103216
Kumar UNavaneet SKumar NPandey S(2020)Isolation of DDoS Attack in IoT: A New PerspectiveWireless Personal Communications10.1007/s11277-020-07486-wOnline publication date: 19-May-2020
https://doi.org/10.1007/s11277-020-07486-w
Show More Cited By

Index Terms

A policy-driven approach to access control in future internet name resolution services
1. Security and privacy
  1. Network security

Recommendations

Constraints-based access control
Das'01: Proceedings of the fifteenth annual working conference on Database and application security

The most important aspect of security in a database after establishing the authenticity of the user is its access control mechanism. The ability of this access control mechanism to express the security policy can make or break the system.This paper ...
An Evaluation of Role Based Access Control Towards Easier Management Compared to Tight Security
ICFNDS '17: Proceedings of the International Conference on Future Networks and Distributed Systems

Role-based access control (RBAC) is a widely-used protocol to design and build an access control for providing the system security regarding authorization. Even though in the context of internet resources access, the authentication and access control ...
Towards Attribute-Centric Access Control: an ABAC versus RBAC argument

Recent developments in attribute-based access control have fueled the conventional debate regarding the pros and cons of Attributes-based access control ABAC versus Role-based access control RBAC. However, existing arguments have been primarily focused ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Conferences

MobiArch '14: Proceedings of the 9th ACM workshop on Mobility in the evolving internet architecture

September 2014

76 pages

ISBN:9781450330749

DOI:10.1145/2645892

Program Chairs:
Rui L. Aguiar
Universidade Aveiro, Int. de Telecomunicações, Portugal
,
Katherine Guo
Bell Labs Research, USA

Copyright © 2014 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

SIGMOBILE: ACM Special Interest Group on Mobility of Systems, Users, Data and Computing

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 11 September 2014

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Funding Sources

Division of Computer and Network Systems

Conference

MobiCom'14

Sponsor:

SIGMOBILE

MobiCom'14: The 20th Annual International Conference on Mobile Computing and Networking

September 11, 2014

Hawaii, Maui, USA

Acceptance Rates

MobiArch '14 Paper Acceptance Rate 11 of 17 submissions, 65%;

Overall Acceptance Rate 47 of 92 submissions, 51%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

5
Total Citations
View Citations
146
Total Downloads

Downloads (Last 12 months)1
Downloads (Last 6 weeks)0

Reflects downloads up to 21 Nov 2024

Other Metrics

View Author Metrics

Citations

Cited By

Choudhury SMukherjee SKarimi PRaychaudhuri D(2024)nCore: Clean Slate Next-G Mobile Core Network Architecture for Scalability and Low LatencyNetwork Security Empowered by Artificial Intelligence10.1007/978-3-031-53510-9_1(3-24)Online publication date: 24-Feb-2024
https://doi.org/10.1007/978-3-031-53510-9_1
Vijaya Kumar VDevi MVishnu Raja PKanmani PPriya VSudhakar SKrishnamoorthy S(2020)Design of Peer-to-Peer Protocol with Sensible and Secure IoT Communication for Future Internet ArchitectureMicroprocessors and Microsystems10.1016/j.micpro.2020.103216(103216)Online publication date: Aug-2020
https://doi.org/10.1016/j.micpro.2020.103216
Kumar UNavaneet SKumar NPandey S(2020)Isolation of DDoS Attack in IoT: A New PerspectiveWireless Personal Communications10.1007/s11277-020-07486-wOnline publication date: 19-May-2020
https://doi.org/10.1007/s11277-020-07486-w
Mwangi XSollins KYeh EOran D(2018)MNDNProceedings of the 5th ACM Conference on Information-Centric Networking10.1145/3267955.3267970(117-124)Online publication date: 21-Sep-2018
https://dl.acm.org/doi/10.1145/3267955.3267970
Liu XZhao MLi SZhang FTrappe W(2017)A Security Framework for the Internet of Things in the Future Internet ArchitectureFuture Internet10.3390/fi90300279:3(27)Online publication date: 28-Jun-2017
https://doi.org/10.3390/fi9030027

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents