The new approach comes with a wide range of benefits, one of which being building security both authentication and ciphering into the network. Rfc 7945 icn evaluation and security september 2016 1. We analyze improvements that have been made and new problems that. Content in ccn is distributed in a scalable, cost efficient and secure manner. October 12, 2017 cisco today announced updates to its application centric infrastructure cisco aci, the industry leading softwaredefined networking sdn solution that makes it easier for customers to adopt and advance intentbased networking for their data centers. Icn is a name based communication architecture, where the retrieval of content is done using names rather than their locations. Moving beyond network security to a datacentric approach. Contentcentric networking ccn is a new popular communication paradigm that achieves information retrieval and distribution by using named data instead of endtoend host centric communications. Scalability of information centric networking using mediated. Content centric networking from a security perspective. Content centric network uses named content as its central abstraction rather than host identifiers retains the simplicity and scalability of ip offers better security. Location identity based content security scheme for content centric networking. We present our work on ccnxserv, a system that allows for dynamic service deployment and scalability in a content centric networking implementation ccnx through an intuitive use of the content.
How do we get content close to the edge current cdn technology seems insufficient can we cache content in the network in a distributed fashion to create an intrinsic, scalable content centric network. Meanwhile, icn also poses new challenges on cache management, content. Benefits of application centric infrastructure aci designed to provide an applicationcentric environment, aci can respond to the dynamic demands of todays data centers. Transitioning from onpremises to cloud offerings to enable dynamic elastic compute, georedundancy, a unified data strategy that uses azure data lake, and flexible softwaredefined infrastructures. Towards a scalable distributed control plane architecture for. The software also obtains the master key to decrypt the content, but this. Nameddata networking ndn is the most promising architecture in the future internet. Keywordsinformationcentric networking, security, privacy, ac. Slide 2 infosys 2014 conference april 25, 2014, chamonix, france control plane scalability in software defined networking acknowledgement the overview state of the art part is compiled, based on. Informationcentric networking security ieee journals. What are the differences between sdn and traditional networking. Along with the contentcentric essence of the architecture, the icn model is also information aware enabling the solutions for future needs of mobility and security 1. Information centric networking icn is a newly proposed future internet paradigm in which communication is based on content names irrespective of their locations.
Parc offers contentcentric networking ccnx software to advance nextgeneration internet press release palo alto, california parc, a xerox company, today announced that its contentcentric networking ccnx software is now available under the parc software license. This paradigm change potentially enables a future internet with better performance, reliability, scalability. By design, the icn paradigm inherently supports many security and privacy features, such as provenance and identity privacy, which are still not effectively available in the hostcentric paradigm. Contentcentric networking ccn is a communications architecture based on dissemination rather than conversation. Aug 09, 2019 one of the negative aspects of this traditional hardware centric networking is its limitations. In this work, we compare the content centric networking approach with the current internet with respect to security and privacy. Contentcentric networking ccn is a novel networking paradigm. Cisco advances intentbased networking for data center with. Besides, icn provides other features such as caching, mobility, scalability. Mar 25, 2020 as companies find themselves suddenly shifting to remote work due to the covid19 coronavirus outbreak, many employees are working from home for the first time. Van jacobson contentcentric networking tuesday, november 18, 2008 at 2. One security critical feature of contentcentric networking is the introduction of generalpurpose caches that are shared by a small number of users.
How do we deal with security and associated encryption issues while providing reasonable network. Information centric networking what if networking takes place based on content instead of hosts. A system, business or software that is described as scalable has an advantage because it is more adaptable to the changing needs or demands of its users or clients. Icn tries to solve the problems confronting the current internet, e. Ndn ensure high availability of contents and security of the data packet. In the perspective of internet advancements for the future internet, information centric network icn offers a communication model, which is different from the current ipbased paradigm. However, it may disturb the stability and security in ndn routing. Ccn is different from host centric architectures because of how it names, and thus values, information over location. Contentcentric networking ccn is an alternative to hostcentric networking exemplified by todays internet. More generally, we argue that there is a tradeoff between network efficiency and user privacy. Abstract information centric networking icn is a new networking paradigm in which the network provides users with content instead of communication channels between hosts. In contrast to ipbased, hostoriented, internet architecture, content centric networking ccn. Were capturing the transformation of cloudcentric architecture in the following investment areas. Microsofts shift to identitycentric vdi security and an integrated citrix toolset is making it far simpler and less intrusive to manage and control access privileges across a range of environments, locations, and devices.
Informationcentric networking icn is a networking concept that arose from the. Content centric networking represents a paradigm shift in the evolution and definition of modern network protocols. His current research interests include new network architectures particularly software defined networking sdn, scalability, quality of service qos, routing, and introducing programming to noncs majors. Ibn is based on sdn, automates most management steps and evolves continuously through machine learning.
Moreover, we enumerate overlooked yet important opportunities and challenges in scalability beyond the commonly used performance metrics. By suggesting radical changes to the current internet, approaches to cleanslate architectures run the risk of introducing new opportunities for attacks. One specific approach to information centric networking, also known as content centric networking ccn andor named data networking ndn, appears to be gaining mindshare in the research community and in industry, and promises to significantly improve network scalability, performance, and reduce cost over a network built on the internet protocol. An improved method to deploy cache servers in software defined. This talk points out a new direction of moving the internet toward a content. A survey of informationcentric networking approaches. In international conference on security of information and networks sin14. At the same time, icn promises efficient content delivery, mobility support, scalability, and security for content. Analysis of security issues in information centric networking. How to get one without losing the other traditionally, you had to design for a focus on scalability or security in the cloud, but not both. In addition this approach does not provide key capabilities such as multihypervisor support, integrated security. Software defined networking sdn is an approach that promises to enable the continuous evolution of networking. The cisco dna center, software defined access and catalyst 9000 switches are important components for ibn.
While the general infrastructure of ccn is in networking. Software defined networking meets information centric networking. Informationcentric networking with edge computing for iot. Content centric networking, in which a network addresses and transmits data identified by content name rather than by host, is a possible solution to the everincreasing load on our international network. It has the potential to address many of the key problems faced by the internet today, including content distribution, mobility, security, and scalability. An outline of the informationcentric network architecture. While ip necessitates that each packet has a destination and source label associated with it, ccn binds a name to the data itself, allowing the packets to be locationindendent yet still functional. Moving beyond network security to a data centric approach. Dynamic service scalability in informationcentric networks. Control plane scalability in software defined networking. Information centric networking icn is an infrastructure that transfers big data. We show how attackers can leverage these caches to monitor what content its users are retrieving. Data becomes independent from location, application, storage, and means of transportation, enabling in network. Information centric networking icn and software defined networking.
Effectively, the security provided to the data is a. Namebased routing in information centric networks faces many challenges, one of which is the scalability challenge. Information centric networking icn is a new networking paradigm in which the network provides users with content instead of communication channels between hosts. The most notable difference between sdn and traditional networking is that sdn is software based while traditional networking is usually hardwarebased. Content centric inter network conet is an architecture that proposes a conet layer to provide network access to content by name instead of to a host. See also the ndn video faq general questions what is information centric networking icn. Contentcentric networking from a security perspective. Content can be collected from the network, processed in the network, and stored in the network goal is to provide a network infrastructure capable of providing services better suited to todays application requirements. The vision of the project is to develop, promote, and evaluate a new approach to a communications architecture based on an implementation of icn called contentcentric networking ccn. Future internet architectures based on the information centric networking icn paradigm propose to address ongoing challenges in supporting modern applications. Clusterbased innetworking caching for c ontentcentric. This data centric approach to security of your network environment starts with a strategic understanding. One security critical feature of content centric networking is the introduction of generalpurpose caches that are shared by a small number of users. Interest messages may be matched against caches along the way, not only at the publishers.
Each content gets a unique name at the network layer, and this name is used for routing the content over the network. The goals of ccn are to provide a more secure, flexible and scalable network thereby addressing the internets modernday requirements for secure content. Thechange from host centric to content centric has several attractive advantages, such as network load reduction, low dissemination latency, and energy efficiency 3. Introduction information centric networking icn is a networking concept that arose from the desire to align the operation model of a network with the model of its typical use. A reality check for content centric networking request pdf. Nist is working to develop test and measurement techniques to advance the state of the art in network virtualization, network service function chaining, software defined networks, technologies and techniques to address robustness safety and security of virtualized network. Softwaredefined networking sdn with cisco hcd consulting. We are exploring how this icnndn paradigm addresses some of the key challenges in scalability, efficient resource utilization, and security. The increased complexity of modern networking demands a more strategic and holistic view than traditional established. To retrieve an ieee spectrum article in a contentcentric network, a node. Another potential direction is employing a softwaredefined networking.
Feb 26, 2015 content centric network is a new networking technique which gives importance to data rather than the location. The named data networking ndn project has opensourced a software. On the interdomain scalability of routebyname information centric network architectures konstantinos v. In many icn designs routers have to rely on inefficient mechanisms e. Slideshare uses cookies to improve functionality and performance, and to provide you with relevant advertising. Mar 19, 2015 security and scalability in the hybrid cloud. Microsofts cloudcentric architecture transformation. Content and client security are more intrinsic in the icn paradigm versus the. He is the recipient of the best paper award at acm sigite 2011 conference. Sdn future internet conferences public material, research papers and projects. Bandwidth needs increase as well as people demand more video and more from their software. Limitations of a softwareonly approach to data center.
Security, privacy, and access control in information. A security analysis of the informationcentric network model. Katsaros, xenofon vasilakos y, timothy okwii, george xylomenos, george pavlou. Ccn emphasizes content distribution by making content directly addressable. Pdf security monitoring for contentcentric networking. Recent advances in informationcentric networking based internet. Software defined networks soheil hassas yeganeh, amin tootoonchian, and yashar ganjali, university of toronto on scalability of software defined networking.
The contentcentric approach seeks to make the basic architecture of the network to current usage patterns. Security, privacy, and access control in informationcentric. Content centric networking ccn is one of the most promising research area for a future internet. We also discuss the advantages of the icn approach in general.
Application centric infrastructure aci cisco aci is a comprehensive software defined networking sdn architecture that automates it tasks, accelerates data center application deployments, and significantly reduces tco. This increases the scalability of the network by reducing the load on middleboxes and enabling automated reaction to security alerts raised by these devices. Application centric infrastructure aci acadia technology. Cisco is opting for intentbased networking ibn for the network of the future. Third, it uses content centric networking ccn to provide access to the compact muon solenoid cms experiment data. In this thesis, we analyse the architecture proposed by content centric networking from a security perspective. Mar 01, 2010 content centric networking ccn is a communications architecture based on dissemination rather than conversation. Software defined networking sdn is an approach that promises to enable the continuous evolution of networking architectures. A key management scheme for content centric networking. Abstractinformationcentric networking icn is being re alized as a promising.
Information centric networking over sdn and openflow. Information centric networking icn is a new networking paradigm, which replaces the widely used host centric networking paradigm in communication networks e. Content centric networking ccn is a prominent information centric networking icn architecture which gains worldwide attention by researchers and the focus of this article. These new architectures support the dissemination of named and signed data content natively at the network layer. Experimental evaluation of memory management in contentcentric networking giovanna caro.
Experimental evaluation of memory management in content. Ccn provides innetwork caching and content based routing. One securitycritical feature of contentcentric networking is the introduction of generalpurpose caches that are shared by a small number of users. We show how attackers can leverage these caches to monitor what content. Most networks grow at some point either because of more employeescustomerusage. Security in host centric models, because the data itself is opaque to the network, the network can at best provide security to the containers holding the data. While not ideal from a security standpoint, there are simple steps you, and your employer, can quickly take to better secure your new working environment. Information centric networking icn is an approach to evolve the internet infrastructure to directly support this use by introducing uniquely named data as a core internet principle. Software defined networking sdn technology is an approach to network management that enables dynamic, programmatically efficient network configuration in order to improve network performance and monitoring making it more like cloud computing than traditional network management. Contentcentric networking ccn andor named data networking ndn, appears to be gaining mindshare in the research community and in industry, and promises to significantly improve network scalability, performance, and reduce cost over a network. Now with services that connect virtual and real computers together, you can achieve cloud scale while satisfying the most stringent security requirements. This security model enables opportunistic caching of data anywhere within a ccn network, resulting in better efficiency, availability, and scalability.
Distributed caching within a content centric network is also possible, requiring multifunctional access parameters across the database. Cisco dna software is a valuable and flexible way to buy software for your data center, wan, and access. Aci supports physical, virtual and container environments simultaneously without compromising scalability or security. What is the difference between content centric networking and.
The technology was developed at parc, a xerox company, a decade ago, under the name contentcentric networking ccn. We present our work on ccnxserv, a system that allows for dynamic service deployment and scalability in a content centric networking. To find out how you can move to azure vdi, check out some of the work weve done in the cloud workspace sector. Cisco announces important steps toward adoption of. Ccn is designed to run alongside, or independent of, tcpip and will not disrupt existing networks. Clemson university university of michigan northwestern university. By introducing cybertwin, which serve as communications assistant, network data logger, and digital asset owner of human and things in the ioe, we design a new network. It doesnt scale, and it fails to provide full realtime visibility of both physical and virtual infrastructure. Because the content is self identifiable via the name and the security binding any content object can be cached.
Many research efforts have been made with the purpose of proving the feasibility and the scalability. But content centric networking does not inherently address the issue of services, particularly service scalability and mobility. The goal is to obtain a more scalable, secure, collaborative internet supporting contextaware. Control plane scalability in software defined networking acknowledgement the overview state of the art part is compiled, based on several public original documents and other studies, belonging to different authors and groups work. Another potential direction is employing a softwaredefined networking sdn. Softwaredefined networking technology is an approach to network management that enables dynamic, programmatically efficient network configuration in order to improve network performance and. Jan 27, 2017 scalability is an attribute that describes the ability of a process, network, software or organization to grow and manage increased demand. Sarmad ullah khan, thibault cholez, thomas engel, and luciano lavagno. Citeseerx document details isaac councill, lee giles, pradeep teregowda. In this article, we propose a cybetwin based cloud centric network architecture for future generation networks. The technology was developed at parc, a xerox company, a decade ago, under the name content centric networking. However, a software only approach to network virtualization places significant constraints on customers.
These attacks can range from new forms of denialofservice to attacks against other users privacy. The selected articles cover topics including security mechanisms overview for named data networking ndn, security for an edge named function environment, secure ndn with attribute based cryptography and software defined networking sdn, content. However, given its nascency, the icn paradigm has several open security. Aug 16, 2015 the term information centric networking icn is generally used to refer to the entire class of internet architectures that focus on content data as the central entity as opposed to a host centric networking architecture. There is not yet a single architecture which can be said to definitively provide this alternative paradigm and there are a number of alternative architectures said to fall under terms such as information centric networking icn trossen and parisis, 2012, content centric networking ccn or named data networking ndn jacobson et al. Parc offers contentcentric networking ccnx software to.
597 149 552 1263 481 1291 205 1063 730 858 901 443 182 260 1066 1423 200 376 267 46 671 1564 169 861 1436 669 207 11 861 155 740 751 230 279 970 1444 744