東華大學圖書館 |

語系: 繁體中文

說明(常見問題)

回圖書館首頁

手機版館藏查詢

登入

回首頁

切換: 標籤 | MARC模式 | ISBD

FindBook

Google Book

Amazon

博客來

Named, Secured Data: A Fundamental Building Block for Secure Networking.

紀錄類型:	書目-電子資源 : Monograph/item
正題名/作者:	Named, Secured Data: A Fundamental Building Block for Secure Networking./
作者:	Zhang, Zhiyi.
出版者:	Ann Arbor : ProQuest Dissertations & Theses, : 2021,
面頁冊數:	141 p.
附註:	Source: Dissertations Abstracts International, Volume: 83-01, Section: B.
Contained By:	Dissertations Abstracts International83-01B.
標題:	Computer science. -
電子資源:	http://pqdd.sinica.edu.tw/twdaoapp/servlet/advanced?query=28546317
ISBN:	9798516913242

Named, Secured Data: A Fundamental Building Block for Secure Networking.
Zhang, Zhiyi.

Named, Secured Data: A Fundamental Building Block for Secure Networking. - Ann Arbor : ProQuest Dissertations & Theses, 2021 - 141 p.

Source: Dissertations Abstracts International, Volume: 83-01, Section: B.

Thesis (Ph.D.)--University of California, Los Angeles, 2021.

This item must not be sold to any third party vendors.

Securing network communications is a major challenge facing the Internet today. Due to the point-to-point communication model of TCP/IP architecture, at the time when security became a necessity, the channel-based security model, represented by Secure Sockets Layer (SSL) and its successor Transport Layer Security (TLS), was applied to secure network communication between hosts. However, designed for synchronous channels over the network infrastructure, this security solution does not fit many emerging network scenarios that require asynchronous communication. In addition, with the growth of content delivery applications, the mismatch between what application needs, i.e., secured data, and what is provided by the channel-based security model, i.e., secured channels, has also been observed in recent years.A newly proposed architecture, Named Data Networking (NDN), has been developed over the past decade. Departing from TCP/IP's network model, NDN considers named secured data, instead of channels, as the building block of the communication, and provides an alternative to today's security model by securing data directly. Not relying on the network context, a piece of named secured data can be forwarded, cached, and reused without breaking the security primitives. To deliver named secured data at the network layer, NDN uses a stateful forwarding plane and forwards packets by names instead of IP addresses.Under this background, there is an urge to understand the difference between the conventional channel-based security model and the new data-centric security model, and explore how to utilize the new way of doing network security to address today's security issues. For this purpose, we first revisit the key concepts of network security from the application's perspective and analyze the main features of the two security models. Then, we present our design of a number of security solutions built over NDN's named secured data, including (i) a self-contained smart home control system, (ii) a DDoS mitigation mechanism that supports fine-grained traffic throttling, (iii) a distributed ledger system for distributed rooftop solar energy system, (iv) a multiparty signing and verification toolset, and (v) a secured data prefetching system for vehicular networking.We also describe two security solutions built on to the application level for (i) asynchronous and privacy-preserving single sign-on (SSO) and (ii) reliable leaker identification in sensitive data sharing, respectively. While not directly built over NDN because of today's deployment constraints, they follow the notion of the data-centric security model.Through the design discussion of these systems, we confirm the unique advantages of the data-centric security model and demonstrate how the new security model and especially, NDN's named secured data, can be applied to address some challenges that are intractable to the channel-based security model.

ISBN: 9798516913242Subjects--Topical Terms:

523869
Computer science.
Subjects--Index Terms:

Data-centric security

Named, Secured Data: A Fundamental Building Block for Secure Networking.
LDR:04294nmm a2200433 4500 001 2345974
005 20220613064827.5
008 241004s2021 ||||||||||||||||| ||eng d
020 $a 9798516913242
035 $a (MiAaPQ)AAI28546317
035 $a AAI28546317
040 $a MiAaPQ $c MiAaPQ
100 1 $a Zhang, Zhiyi. $3 3684992
245 1 0 $a Named, Secured Data: A Fundamental Building Block for Secure Networking.
260 1 $a Ann Arbor : $b ProQuest Dissertations & Theses, $c 2021
300 $a 141 p.
500 $a Source: Dissertations Abstracts International, Volume: 83-01, Section: B.
500 $a Advisor: Zhang, Lixia.
502 $a Thesis (Ph.D.)--University of California, Los Angeles, 2021.
506 $a This item must not be sold to any third party vendors.
520 $a Securing network communications is a major challenge facing the Internet today. Due to the point-to-point communication model of TCP/IP architecture, at the time when security became a necessity, the channel-based security model, represented by Secure Sockets Layer (SSL) and its successor Transport Layer Security (TLS), was applied to secure network communication between hosts. However, designed for synchronous channels over the network infrastructure, this security solution does not fit many emerging network scenarios that require asynchronous communication. In addition, with the growth of content delivery applications, the mismatch between what application needs, i.e., secured data, and what is provided by the channel-based security model, i.e., secured channels, has also been observed in recent years.A newly proposed architecture, Named Data Networking (NDN), has been developed over the past decade. Departing from TCP/IP's network model, NDN considers named secured data, instead of channels, as the building block of the communication, and provides an alternative to today's security model by securing data directly. Not relying on the network context, a piece of named secured data can be forwarded, cached, and reused without breaking the security primitives. To deliver named secured data at the network layer, NDN uses a stateful forwarding plane and forwards packets by names instead of IP addresses.Under this background, there is an urge to understand the difference between the conventional channel-based security model and the new data-centric security model, and explore how to utilize the new way of doing network security to address today's security issues. For this purpose, we first revisit the key concepts of network security from the application's perspective and analyze the main features of the two security models. Then, we present our design of a number of security solutions built over NDN's named secured data, including (i) a self-contained smart home control system, (ii) a DDoS mitigation mechanism that supports fine-grained traffic throttling, (iii) a distributed ledger system for distributed rooftop solar energy system, (iv) a multiparty signing and verification toolset, and (v) a secured data prefetching system for vehicular networking.We also describe two security solutions built on to the application level for (i) asynchronous and privacy-preserving single sign-on (SSO) and (ii) reliable leaker identification in sensitive data sharing, respectively. While not directly built over NDN because of today's deployment constraints, they follow the notion of the data-centric security model.Through the design discussion of these systems, we confirm the unique advantages of the data-centric security model and demonstrate how the new security model and especially, NDN's named secured data, can be applied to address some challenges that are intractable to the channel-based security model.
590 $a School code: 0031.
650 4 $a Computer science. $3 523869
650 4 $a Alternative energy. $3 3436775
650 4 $a Automotive engineering. $3 2181195
650 4 $a Information science. $3 554358
653 $a Data-centric security
653 $a Network security
653 $a Cyber security
653 $a Smart home control
653 $a Traffic throttling
653 $a Distributed ledger system
653 $a Rooftop solar energy system
653 $a Verification
653 $a Vehicular networking
690 $a 0984
690 $a 0723
690 $a 0363
690 $a 0540
710 2 $a University of California, Los Angeles. $b Computer Science 0201. $3 2049859
773 0 $t Dissertations Abstracts International $g 83-01B.
790 $a 0031
791 $a Ph.D.
792 $a 2021
793 $a English
856 4 0 $u http://pqdd.sinica.edu.tw/twdaoapp/servlet/advanced?query=28546317