IaaS-Aided Access Control for Information-Centric IoT

Information-Centric Networking (ICN) is a novel network architecture designed to replace the current IP-based architecture. In ICN, contents are identified based on unique names and can be cached in-network in order to immediately serve subsequent requests. These characteristics are particularly important in the context of the Internet of Things (IoT), where they allow to heavily reduce loads on the things, as well as increase content availability and decrease energy consumption. In this paper we address the open problem of providing access control for IoT deployments in ICN. Our protocol takes advantage of the reliance of IoT on Infrastructure-as-a-Service and provides confidentiality, traitor tracing and revocation of an unbound number of users. At the same time, our protocol preserves both network caching and location-independent content retrieval. To the best of our knowledge, our protocol is the first access control protocol for ICN providing all these advantages. We provide an extensive analysis of the security properties of our protocol, as well as a thorough experimental evaluation. Our evaluation shows that our protocol does not pose significant over-head with respect to published content size nor computational time required. Considering a popular IoT camera, our evaluation shows that our protocol introduces 0.27% size overhead and 150ms of computational overhead for a 7 seconds stream.