Securing network content

Details

Event PARC tech report 2009-1

Authors

Smetters, Diana K.
Jacobson, Van
Technical Publications
October 8th 2009
Current networks derive their security from a communication model. The security of content is determined by emph{who} (what host) you retrieved that content from, and the properties of the communication channel over which you retrieved it -- was it encrypted, authenticated, and so on. Such security is transient, evaporating after the connection ends, and not transitive -- everyone wanting a piece of content must get it from ``the horse's mouth'' in order to trust it. We propose a more scalable model wherein content itself is secured, rather than the connections over which it travels. By authenticating content itself with digital signatures, and adding the ability to retrieve that content by name rather than by the identity of the host on which it happens to be stored, we can build networks with a number of desirable security and performance properties. To make content-based security practial and effective, we argue that we must authenticate the emph{linkage} between (arbitrary) names and content, rather than merely authenticating the content or its publisher. We introduce a specific proposal for securing named content effective for both current and future, potentially content-based networks.

Citation

Smetters, D. K.; Jacobson, V. Securing network content. PARC TR-2009-1; 2009 October.

Additional information

Focus Areas

Our work is centered around a series of Focus Areas that we believe are the future of science and technology.

FIND OUT MORE
Licensing & Commercialization Opportunities

We’re continually developing new technologies, many of which are available for Commercialization.

FIND OUT MORE
News

Our scientists and staffers are active members and contributors to the science and technology communities.

FIND OUT MORE