Abdelberi Chaabane

Privacy in content-oriented networking: threats and countermeasures

By: Abdelberi Chaabane, Emiliano De Cristofaro, Mohamed Ali Kaafar, Ersin Uzun
Appears in: CCR July 2013

As the Internet struggles to cope with scalability, mobility, and security issues, new network architectures are being proposed to better accommodate the needs of modern systems and applications. In particular, Content-Oriented Networking (CON) has emerged as a promising next-generation Internet architecture: it sets out to decouple content from hosts, at the network layer, by naming data rather than hosts.

Public Review By: Augustin Chaintreau

Does privacy require that the content you want is accessed with a specific physical location of reference? Or, to put it more concretely, is networking using a content centric approach -- or a content oriented one, or named data, or content-based, or information centric ... well you got the idea -- particularly privacy-averse? Or, to narrow it down, are today’s propositions such as CCNx raising additional privacy issues, and what can we do about them? I am going to spoil the surprise: this paper does not really answer most of these questions (for two reasons that I explain below). But, wait! There is more: it does present new attacks and counteractions and, whereas experts will debate whether some of these are known, it is the first time that they are comprehensively described and explained as a whole. Realizing such an exercise was unanimously judged very valuable. In fact one of the reviewers highlighted that, provided such evidence, the paper raises such important concerns “that one should reconsider if the CON architecture is a good idea in the first place.” Neither we nor the authors will attempt to answer that other question, but it seems without any doubt useful to quickly circulate such a study within our community.

While reviewers had many comments, the authors did a thorough revision addressing most local comments and criticism, so what you are seeing is a really dense 8-page paper full of insightful observations. I should point out two reasons why, partly independently of the authors’ effort, the questions mentioned above can't be answered yet. Firstly, as Steve’s statement above indicates, privacy is generally at odds with networking. Most of the time, our confidence in a system derives from having another one that is currently implemented and relatively “hard” or “unprofitable” to crack. All these architectures, without a real implementation used (and actual private data from or about users) may be victims of a vacuous truth: of course CON is secure, since no one uses it yet, of course it's unsecure, since you can point out one way to use it that leaks important information. However, all reviewers agreed that despite the fact that none of these systems are deployed, proactively anticipating this risk is very important research. Secondly, the limit of CCR page length (and our general editorial policy) emphasizes quick dissemination of ideas, not quantitative tests. A majority of reviewers felt that many of the points highlighted in this paper deserve more time and space to be ultimately decided. Meanwhile, let our review welcome a study that makes us more pragmatic when judging what all these new acronyms do to our networked life, and let us hope that it will lead to a better understanding of privacy beyond today’s Internet.
