CertRevoke: A Certificate Revocation Framework for Named Data Networking

Tianyuan Yu; Hongcheng Xie; Siqi Liu; Xinyu Ma; Xiaohua Jia; Lixia Zhang

doi:10.1145/3517212.3558079

CertRevoke: A Certificate Revocation Framework for Named Data Networking

Tianyuan Yu, Hongcheng Xie, Siqi Liu, Xinyu Ma, Xiaohua Jia, Lixia Zhang

Department of Computer Science

Research output: Chapters, Conference Papers, Creative and Literary Works › RGC 32 - Refereed conference paper (with host publication) › peer-review

6 Citations (Scopus)

Abstract

Named Data Networking (NDN) secures network communications by requiring all data packets to be signed upon production. This requirement makes usable and efficient NDN certificate issuance and revocation essential for NDN operations. In this paper, we first investigate and clarify core concepts related to NDN certificate revocation, then proceed with the design of CertRevoke, an NDN certificate revocation framework. CertRevoke utilizes naming conventions and trust schema to ensure certificate owners and issuers legitimately produce in-network cacheable records for revoked certificates. We evaluate the security properties and performance of CertRevoke through case studies. Our results show that deploying CertRevoke in an operational NDN network is feasible.

Original language	English
Title of host publication	ICN '22 - Proceedings of the 2022 9th ACM Conference on Information-Centric Networking
Place of Publication	New York
Publisher	Association for Computing Machinery
Pages	80-90
Number of pages	11
ISBN (Print)	9781450392570
DOIs	https://doi.org/10.1145/3517212.3558079
Publication status	Published - 2022
Event	9th ACM Conference on Information-Centric Networking (ACM ICN 2022) - Osaka, Japan Duration: 19 Sept 2022 → 21 Sept 2022 https://conferences2.sigcomm.org/acm-icn/2022/

Publication series

Name	ICN - Proceedings of the ACM Conference on Information-Centric Networking

Conference

Conference	9th ACM Conference on Information-Centric Networking (ACM ICN 2022)
Abbreviated title	ICN '22
Place	Japan
City	Osaka
Period	19/09/22 → 21/09/22
Internet address	https://conferences2.sigcomm.org/acm-icn/2022/

Bibliographical note

Research Unit(s) information for this publication is provided by the author(s) concerned.

Funding

We want to thank all the anonymous reviewers and the shepherd Nikos Fotiou for their valuable comments. This work was supported in part by National Science Foundation under awards 2019085 and 2126148, and Research Grants Council of Hong Kong under CityU 11202419.

Research Keywords

certificate revocations
information-centric networking
named data networking
trust management

RGC Funding Information

RGC-funded

Access Output

10.1145/3517212.3558079

Other Access Options

Check CityUHK Library

Permanent Link

Right click to copy link

Cite this

Yu, T., Xie, H., Liu, S., Ma, X., Jia, X., & Zhang, L. (2022). CertRevoke: A Certificate Revocation Framework for Named Data Networking. In ICN '22 - Proceedings of the 2022 9th ACM Conference on Information-Centric Networking (pp. 80-90). (ICN - Proceedings of the ACM Conference on Information-Centric Networking). Association for Computing Machinery. https://doi.org/10.1145/3517212.3558079

@inproceedings{7c2c042aff5445ea9159515905431491,

title = "CertRevoke: A Certificate Revocation Framework for Named Data Networking",

abstract = "Named Data Networking (NDN) secures network communications by requiring all data packets to be signed upon production. This requirement makes usable and efficient NDN certificate issuance and revocation essential for NDN operations. In this paper, we first investigate and clarify core concepts related to NDN certificate revocation, then proceed with the design of CertRevoke, an NDN certificate revocation framework. CertRevoke utilizes naming conventions and trust schema to ensure certificate owners and issuers legitimately produce in-network cacheable records for revoked certificates. We evaluate the security properties and performance of CertRevoke through case studies. Our results show that deploying CertRevoke in an operational NDN network is feasible.",

keywords = "certificate revocations, information-centric networking, named data networking, trust management",

author = "Tianyuan Yu and Hongcheng Xie and Siqi Liu and Xinyu Ma and Xiaohua Jia and Lixia Zhang",

note = "Research Unit(s) information for this publication is provided by the author(s) concerned.; 9th ACM Conference on Information-Centric Networking (ACM ICN 2022), ICN '22 ; Conference date: 19-09-2022 Through 21-09-2022",

year = "2022",

doi = "10.1145/3517212.3558079",

language = "English",

isbn = "9781450392570",

series = "ICN - Proceedings of the ACM Conference on Information-Centric Networking",

publisher = "Association for Computing Machinery",

pages = "80--90",

booktitle = "ICN '22 - Proceedings of the 2022 9th ACM Conference on Information-Centric Networking",

address = "United States",

url = "https://conferences2.sigcomm.org/acm-icn/2022/",

}

Yu, T, Xie, H, Liu, S, Ma, X, Jia, X & Zhang, L 2022, CertRevoke: A Certificate Revocation Framework for Named Data Networking. in ICN '22 - Proceedings of the 2022 9th ACM Conference on Information-Centric Networking. ICN - Proceedings of the ACM Conference on Information-Centric Networking, Association for Computing Machinery, New York, pp. 80-90, 9th ACM Conference on Information-Centric Networking (ACM ICN 2022), Osaka, Japan, 19/09/22. https://doi.org/10.1145/3517212.3558079

CertRevoke: A Certificate Revocation Framework for Named Data Networking. / Yu, Tianyuan; Xie, Hongcheng; Liu, Siqi et al.
ICN '22 - Proceedings of the 2022 9th ACM Conference on Information-Centric Networking. New York: Association for Computing Machinery, 2022. p. 80-90 (ICN - Proceedings of the ACM Conference on Information-Centric Networking).

Research output: Chapters, Conference Papers, Creative and Literary Works › RGC 32 - Refereed conference paper (with host publication) › peer-review

TY - GEN

T1 - CertRevoke

T2 - 9th ACM Conference on Information-Centric Networking (ACM ICN 2022)

AU - Yu, Tianyuan

AU - Xie, Hongcheng

AU - Liu, Siqi

AU - Ma, Xinyu

AU - Jia, Xiaohua

AU - Zhang, Lixia

N1 - Research Unit(s) information for this publication is provided by the author(s) concerned.

PY - 2022

Y1 - 2022

N2 - Named Data Networking (NDN) secures network communications by requiring all data packets to be signed upon production. This requirement makes usable and efficient NDN certificate issuance and revocation essential for NDN operations. In this paper, we first investigate and clarify core concepts related to NDN certificate revocation, then proceed with the design of CertRevoke, an NDN certificate revocation framework. CertRevoke utilizes naming conventions and trust schema to ensure certificate owners and issuers legitimately produce in-network cacheable records for revoked certificates. We evaluate the security properties and performance of CertRevoke through case studies. Our results show that deploying CertRevoke in an operational NDN network is feasible.

AB - Named Data Networking (NDN) secures network communications by requiring all data packets to be signed upon production. This requirement makes usable and efficient NDN certificate issuance and revocation essential for NDN operations. In this paper, we first investigate and clarify core concepts related to NDN certificate revocation, then proceed with the design of CertRevoke, an NDN certificate revocation framework. CertRevoke utilizes naming conventions and trust schema to ensure certificate owners and issuers legitimately produce in-network cacheable records for revoked certificates. We evaluate the security properties and performance of CertRevoke through case studies. Our results show that deploying CertRevoke in an operational NDN network is feasible.

KW - certificate revocations

KW - information-centric networking

KW - named data networking

KW - trust management

UR - http://www.scopus.com/inward/record.url?scp=85138690145&partnerID=8YFLogxK

UR - https://www.scopus.com/record/pubmetrics.uri?eid=2-s2.0-85138690145&origin=recordpage

U2 - 10.1145/3517212.3558079

DO - 10.1145/3517212.3558079

M3 - RGC 32 - Refereed conference paper (with host publication)

SN - 9781450392570

T3 - ICN - Proceedings of the ACM Conference on Information-Centric Networking

SP - 80

EP - 90

BT - ICN '22 - Proceedings of the 2022 9th ACM Conference on Information-Centric Networking

PB - Association for Computing Machinery

CY - New York

Y2 - 19 September 2022 through 21 September 2022

ER -

Yu T, Xie H, Liu S, Ma X, Jia X, Zhang L. CertRevoke: A Certificate Revocation Framework for Named Data Networking. In ICN '22 - Proceedings of the 2022 9th ACM Conference on Information-Centric Networking. New York: Association for Computing Machinery. 2022. p. 80-90. (ICN - Proceedings of the ACM Conference on Information-Centric Networking). Epub 2022 Sept 6. doi: 10.1145/3517212.3558079

CertRevoke: A Certificate Revocation Framework for Named Data Networking

Abstract

Publication series

Conference

Bibliographical note

Funding

Research Keywords

RGC Funding Information

Access Output

Other Access Options

Permanent Link

Other Files and Links

Fingerprint

GRF: A Secure and Verifiable P2P Storage Framework with Dynamic Encrypted Search using Blockchain

Cite this

CertRevoke: A Certificate Revocation Framework for Named Data Networking

Abstract

Publication series

Conference

Bibliographical note

Funding

Research Keywords

RGC Funding Information

Access Output

Other Access Options

Permanent Link

Other Files and Links

Fingerprint

Projects

GRF: A Secure and Verifiable P2P Storage Framework with Dynamic Encrypted Search using Blockchain

Cite this