Proyash Podder is currently pursuing his Ph.D. at Florida International University’s Knight Foundation School of Computing and Information Sciences (KFSCIS), under the guidance of Dr. Alexander Afanasyev. His research focuses on the security of computer networks and future Internet architecture, particularly Named Data Networking (NDN). Prior to this, he completed his Bachelor of Science degree in Computer Science and Engineering from the Bangladesh University of Engineering and Technology in 2017. After graduating, he worked as a Software Engineer at Reve Systems in Bangladesh before joining FIU.
Named Data Networking changes the abstraction of the network communication model: instead of sending packets to hosts, secured data packets are fetched directly by name. This change to the networking model also alters the notion of network security. In NDN, data packets are secured directly at the network layer. Researchers have developed many security technologies that enable secure communication. However, these basic building blocks of NDN security are not directly usable, so the overarching goal of research in this area is to develop and extend NDN components and tools to make NDN security usable.
One existing work in this direction is trust schemas, which can automate NDN data authentication by defining and enforcing policies on cryptographic keys and data items. While an NDN trust schema was proposed in 2015, it only works for validation, not signing. Versec is a tool that automates both signing and validation, but it has limitations that make it less suited for generic NDN use. Therefore, we have conducted a methodical analysis of Versec and proposed insights for improvements to make it better suited for generic NDN use.
Access control is another area of focus in NDN, with Name-based Access Control (NAC) considered the most promising solution. NAC assumes the existence of an access manager entity responsible for managing the access control mechanism, but the current NAC design lacks guidance on how the access manager learns authorized parties’ key information. To address this, SEANAC, a schema-based approach to automate the NAC process, was proposed to configure the necessary information for the access manager, making it more practical.
The ease of use of NDN security tools is a crucial factor in their future use. Requiring manual configuration of security measures discourages users and developers from using security primitives altogether. Therefore, the proposed research evaluates the current state of various security tools, identifies issues, and puts forward solutions to enhance the automation and usability of the overall NDN security system.