Security Analysis of the Access Control Solution of NDN Using BAN Logic

Named Data Networking (NDN) is a new promising architecture of information-centric networking. Traditional mechanisms of access control can no longer fit appropriately, because of its caching property. Hamdane et al. propose a new access control solution for both closed and open environments. In this paper, we make the very first attempt to formally analyze this access control solution. Inspired by the basic BAN logic, we adding some new notions to it to propose our BAN-like logic. It can describe the access control solution. In the form of the beliefs of principals, the procedures of the access control solution are idealized. Under several security goals with a set of logical postulates, the idealized procedures are analyzed. We give the modification to make the solution safer. Then we introduce the man-in-the-middle attack into the access control solution and check the insecurity properties. The improvement is given according to the result. Our study helps to improve security and protect against various attacks for the access control solution.