TY - GEN
T1 - Modeling and verifying data access mechanism of NLSR trust model
AU - Chen, Ningning
AU - Zhu, Huibiao
AU - Fei, Yuan
AU - Xiao, Lili
AU - Yin, Jiaqi
N1 - Publisher Copyright:
© 2020 IEEE.
PY - 2020/12
Y1 - 2020/12
N2 - As a leading architecture of Information-Centric Networking (ICN), Named Data Networking (NDN) plays an important role in the future network construction. NDN retrieves and identifies a data packet according to the packet's name instead of its IP address. Conventional protocols of TCP/IP Internet are unsuitable for NDN. Therefore, Named-data Link State Routing protocol (NLSR) is proposed as an intra-domain routing protocol for NDN. Although NLSR applies a five-layer trust model to guarantee its data security, there are still a lot of security issues in its data access mechanism, such as the fake and leakage of data. In this paper, we apply Communicating Sequential Processes (CSP) to formalize this mechanism. Using Process Analysis Toolkit (PAT), we verify four properties, including deadlock freedom, data availability, data security and data decryption. According to the verification results, the trust model cannot protect the data from fake and leakage once intruders appear. We adopt a method similar to digital signature in the first improved model. However, the process of obtaining keys still needs to be executed multiple times during the verification of a data packet. To further accelerate the key fetching and verification process, all the keys, needed to validate a data packet, are packaged in a special packet of the second improvement.
AB - As a leading architecture of Information-Centric Networking (ICN), Named Data Networking (NDN) plays an important role in the future network construction. NDN retrieves and identifies a data packet according to the packet's name instead of its IP address. Conventional protocols of TCP/IP Internet are unsuitable for NDN. Therefore, Named-data Link State Routing protocol (NLSR) is proposed as an intra-domain routing protocol for NDN. Although NLSR applies a five-layer trust model to guarantee its data security, there are still a lot of security issues in its data access mechanism, such as the fake and leakage of data. In this paper, we apply Communicating Sequential Processes (CSP) to formalize this mechanism. Using Process Analysis Toolkit (PAT), we verify four properties, including deadlock freedom, data availability, data security and data decryption. According to the verification results, the trust model cannot protect the data from fake and leakage once intruders appear. We adopt a method similar to digital signature in the first improved model. However, the process of obtaining keys still needs to be executed multiple times during the verification of a data packet. To further accelerate the key fetching and verification process, all the keys, needed to validate a data packet, are packaged in a special packet of the second improvement.
KW - CSP
KW - Modeling
KW - NDN
KW - NLSR
KW - Trust Model
KW - Verification
UR - https://www.scopus.com/pages/publications/85102374560
U2 - 10.1109/APSEC51365.2020.00028
DO - 10.1109/APSEC51365.2020.00028
M3 - 会议稿件
AN - SCOPUS:85102374560
T3 - Proceedings - Asia-Pacific Software Engineering Conference, APSEC
SP - 198
EP - 207
BT - Proceedings - 2020 27th Asia-Pacific Software Engineering Conference, APSEC 2020
PB - IEEE Computer Society
T2 - 27th Asia-Pacific Software Engineering Conference, APSEC 2020
Y2 - 1 December 2020 through 4 December 2020
ER -