Named Data Networking (NDN) is a novel Internet architecture which focuses on content distribution by exploiting in-network caching and name-based forwarding. Contrary to today's Internet, NDN has been designed from the ground up to be secure. From a content provider perspective (e.g., YouTube, Netflix), NDN offers appealing advantages in terms of network load and traffic reduction at producer side through in-network requests aggregation and content caching. As a side effect, content providers lose control on content dissemination when consumers' requests are aggregated or satisfied by the network. This hinders the correct application of copyright and licensing agreements: only specific regions are allowed to consume a subset of the distributed contents. In attempt to address this problem, the existing TCP/IP approaches exploit requests' source addresses (at server side) to identify the geographic origin of each request. In NDN these solutions are unfeasible for two reasons: consumers' requests do not carry any source address, and a request will never reach content providers when aggregated or satisfied in the network. We solve this problem by proposing two lightweight and distributed geo-blocking protocols (GATE and FENCE) which use packet marking to identify and validate network regions at network edges. We perform experiments both on a network simulator and by extending the NDN implementation. Through our results we prove the proposed protocols are feasible, i.e., all the regions blacklisted by content providers are blocked and their network costs, in terms of space and router processing overhead, are negligible.

GATE and FENCE: Geo-Blocking Protocols for Named Data Networking

Compagno A.;Conti M.;Lazzeretti R.
2019

Abstract

Named Data Networking (NDN) is a novel Internet architecture which focuses on content distribution by exploiting in-network caching and name-based forwarding. Contrary to today's Internet, NDN has been designed from the ground up to be secure. From a content provider perspective (e.g., YouTube, Netflix), NDN offers appealing advantages in terms of network load and traffic reduction at producer side through in-network requests aggregation and content caching. As a side effect, content providers lose control on content dissemination when consumers' requests are aggregated or satisfied by the network. This hinders the correct application of copyright and licensing agreements: only specific regions are allowed to consume a subset of the distributed contents. In attempt to address this problem, the existing TCP/IP approaches exploit requests' source addresses (at server side) to identify the geographic origin of each request. In NDN these solutions are unfeasible for two reasons: consumers' requests do not carry any source address, and a request will never reach content providers when aggregated or satisfied in the network. We solve this problem by proposing two lightweight and distributed geo-blocking protocols (GATE and FENCE) which use packet marking to identify and validate network regions at network edges. We perform experiments both on a network simulator and by extending the NDN implementation. Through our results we prove the proposed protocols are feasible, i.e., all the regions blacklisted by content providers are blocked and their network costs, in terms of space and router processing overhead, are negligible.
Proceedings - Conference on Local Computer Networks, LCN
978-1-5386-4413-3
File in questo prodotto:
Non ci sono file associati a questo prodotto.
Pubblicazioni consigliate

Caricamento pubblicazioni consigliate

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: http://hdl.handle.net/11577/3340659
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 0
  • ???jsp.display-item.citation.isi??? ND
social impact