Security and Privacy Analysis of National Science Foundation Future Internet Architectures

Authors: Moreno Ambrosin, Alberto Compagno, Mauro Conti, Cesar Ghali, Gene Tsudik

DOI: 10.1109/COMST.2018.2798280

Abstract: The Internet Protocol (IP) is the lifeblood of the modern Internet. Its simplicity and universality have fueled the unprecedented and lasting global success of the current Internet. Nonetheless, some limitations of IP have been emerging in recent years. Furthermore, starting in the mid-1990s, the advent of mobility, wirelessness, and the Web substantially shifted Internet usage and communication paradigms. This accentuated long-term concerns about the current Internet architecture and prompted interest in alternative designs. The U.S. National Science Foundation (NSF) has been one of the key supporters of efforts to design a set of candidate next-generation Internet architectures. As a prominent design requirement, NSF emphasized “security and privacy by design” in order to avoid the long and unhappy history of incremental patching and retrofitting that characterizes the current Internet architecture. To this end, as a result of a competitive process, four research projects were funded by the NSF in 2010: Nebula, named-data networking, MobilityFirst, and expressive Internet architecture. This paper provides a comprehensive and neutral analysis of salient security and privacy features (and issues) in these NSF-funded future Internet architectures. Prior surveys on future Internet architectures provide limited, or even no, comparison of security and privacy features. In addition, this paper also compares the four future Internet architecture designs with the current IP-based architecture and discusses similarities, differences, and possible improvements.