TY - GEN
T1 - Security analysis of the access control solution of NDN using BAN logic
AU - Fei, Yuan
AU - Zhu, Huibiao
AU - Wang, Huiwen
N1 - Publisher Copyright:
© 2018 Universitat zu Koln. All rights reserved.
PY - 2018
Y1 - 2018
AB - Named Data Networking (NDN) is a promising new architecture for information-centric networking. Because of its caching property, traditional access control mechanisms no longer work. Hamdane et al. propose a new access control solution for both closed and open environments. In this paper, we make the very first attempt to formally analyze this access control solution. Inspired by the basic BAN logic, which is often used to describe protocols by logical formulas, we present our BAN-like logic by adding some new notions to make it suitable for the access control solution. Using the BAN-like logic, the procedures of the access control solution are idealized in the form of the beliefs of principals. Then the idealized procedures are analyzed under several security goals with a set of logical postulates. Several unsatisfied goals may leave the access control solution vulnerable to intruders. We give the modification in the idealized procedures to achieve more goals. We also present the related modification in the implementation of the access control solution. Our study helps to improve security and protect against various attacks for the access control solution.
KW - Access Control Solution
KW - BAN Logic
KW - Named Data Networking (NDN)
UR - https://www.scopus.com/pages/publications/85056813759
U2 - 10.18293/SEKE2018-124
DO - 10.18293/SEKE2018-124
M3 - Conference contribution
AN - SCOPUS:85056813759
T3 - Proceedings of the International Conference on Software Engineering and Knowledge Engineering, SEKE
SP - 659
EP - 664
BT - Proceedings - SEKE 2018
PB - Knowledge Systems Institute Graduate School
T2 - 30th International Conference on Software Engineering and Knowledge Engineering, SEKE 2018
Y2 - 1 July 2018 through 3 July 2018
ER -