Information-Centric Networking (ICN) is a new networking paradigm, which replaces the widely used host-centric networking paradigm in communication networks (e.g., Internet, mobile ad hoc networks) with an information-centric paradigm, which prioritizes the delivery of named content, oblivious of the content's origin. Content and client security are more intrinsic in the ICN paradigm versus the current host-centric paradigm, where they have been instrumented as an afterthought. By design, the ICN paradigm inherently supports several security and privacy features, such as provenance and identity privacy, which are still not effectively available in the host-centric paradigm. However, given its nascency, the ICN paradigm has several open security and privacy concerns, some that existed in the old paradigm, and some new and unique. In this article, we survey the existing literature in the security and privacy research sub-space in ICN. More specifically, we explore three broad areas: security threats, privacy risks, and access control enforcement mechanisms. We present the underlying principle of the existing works, discuss the drawbacks of the proposed approaches, and explore potential future research directions. In the broad area of security, we review attack scenarios, such as denial of service, cache pollution, and content poisoning. In the broad area of privacy, we discuss user privacy and anonymity, name and signature privacy, and content privacy. ICN's feature of ubiquitous caching introduces a major challenge for access control enforcement that requires special attention. In this broad area, we review existing access control mechanisms including encryption-based, attribute-based, session-based, and proxy re-encryption-based access control schemes. We conclude the survey with lessons learned and scope for future work.