{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,10,11]],"date-time":"2025-10-11T13:37:28Z","timestamp":1760189848480},"reference-count":34,"publisher":"Oxford University Press (OUP)","issue":"4","license":[{"start":{"date-parts":[[2023,8,13]],"date-time":"2023-08-13T00:00:00Z","timestamp":1691884800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/academic.oup.com\/pages\/standard-publication-reuse-rights"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2024,4,21]]},"abstract":"<jats:title>Abstract<\/jats:title>\n               <jats:p>Named Data Networking (NDN) is an emerging network architecture. An important characteristic of NDN is its in-network cache, which enables Data packets to be available from multiple locations on the Internet. Hence the enforcement of access control mechanisms becomes even more critical in the NDN. This paper proposes a novel access control scheme referred to as Role-Based Encryption for NDN (NDN-RBE), which uses a broadcast encryption mechanism to achieve secure data access control. Our scheme uses the role inheritance property of the traditional Role-Based Access Control (RBAC) model to achieve efficient data access control over hierarchical content. This makes our scheme particularly suitable for large-scale real-world content-centric services like Netflix. Our scheme also supports additional design features such as anonymous signature-based authentication, batch signature verification and two types of privilege revocations. In addition, our formal security analysis demonstrates that our scheme is provably secure against Chosen Plaintext Attacks. Our performance and functionality comparison show that our scheme outperforms other notable existing works in terms of security, functionality, computation, communication and storage overhead. Furthermore, our experimental results show an improvement in content delivery time of the order of 15 percent compared with the other closely related works.<\/jats:p>","DOI":"10.1093\/comjnl\/bxad083","type":"journal-article","created":{"date-parts":[[2023,8,16]],"date-time":"2023-08-16T16:07:47Z","timestamp":1692202067000},"page":"1572-1589","source":"Crossref","is-referenced-by-count":3,"title":["NDN-RBE: An Accountable Privacy Aware Access Control Framework For NDN"],"prefix":"10.1093","volume":"67","author":[{"given":"Nazatul Haque","family":"Sultan","sequence":"first","affiliation":[{"name":"CSIRO Data61 , Australia"}]},{"given":"Vijay","family":"Varadharajan","sequence":"additional","affiliation":[{"name":"University of Newcastle , Australia"}]},{"given":"Saurab","family":"Dulal","sequence":"additional","affiliation":[{"name":"University of Memphis , USA"}]},{"given":"Seyit","family":"Camtepe","sequence":"additional","affiliation":[{"name":"CSIRO Data61 , Australia"}]},{"given":"Surya","family":"Nepal","sequence":"additional","affiliation":[{"name":"CSIRO Data61 , Australia"}]}],"member":"286","published-online":{"date-parts":[[2023,8,13]]},"reference":[{"key":"2024042316183012200_ref1","doi-asserted-by":"crossref","first-page":"66","DOI":"10.1145\/2656877.2656887","article-title":"Named data networking","volume":"44","author":"Zhang","journal-title":"ACM SIGCOMM Comput. Commun. Rev."},{"key":"2024042316183012200_ref2","article-title":"A new way to look at networking","author":"Jacobson","journal-title":"Google Tech Talk"},{"key":"2024042316183012200_ref3","article-title":"and Nepal, S. An accountable access control scheme for hierarchical content in named data networks with revocation","volume-title":"Proceedings of 25th European Symposium on Research in Computer Security, ESORICS 2020","author":"Sultan"},{"key":"2024042316183012200_ref4","first-page":"164","article-title":"A secure access and accountability framework for provisioning services in named data networks","volume-title":"Proceedings of 40th International Symposium on Reliable Distributed Systems (SRDS), Virtual","author":"Sultan"},{"key":"2024042316183012200_ref5","doi-asserted-by":"crossref","first-page":"566","DOI":"10.1109\/COMST.2017.2749508","article-title":"Security, privacy, and access control in information-centric networking: a survey","volume":"20","author":"Tourani","journal-title":"IEEE Commun. Surv. Tutorials"},{"key":"2024042316183012200_ref6","doi-asserted-by":"crossref","first-page":"308","DOI":"10.1109\/TIFS.2014.2365742","article-title":"Live: lightweight integrity verification and content access control for named data networking","volume":"10","author":"Li","journal-title":"IEEE Trans. Inf. Forensics Secur."},{"key":"2024042316183012200_ref7","first-page":"176","article-title":"Securing content sharing over icn","volume-title":"Proceedings of the 3rd ACM Conference on Information-Centric Networking, Kyoto, Japan","author":"Fotiou"},{"key":"2024042316183012200_ref8","first-page":"456","article-title":"Tactic: Tag-based access control framework for the information-centric wireless edge networks","volume-title":"Proceedings of IEEE 38th International Conference on Distributed Computing Systems (ICDCS)","author":"Tourani"},{"key":"2024042316183012200_ref9","first-page":"598","article-title":"Krb-ccn: lightweight authentication and access control for private content-centric networks","volume-title":"Proceedings of 16th International Conference on Applied Cryptography and Network Security, ACNS 2018","author":"Nunes"},{"key":"2024042316183012200_ref10","doi-asserted-by":"crossref","first-page":"143","DOI":"10.1109\/TNSM.2018.2864330","article-title":"Fgac-ndn: fine-grained access control for named data networks","volume":"16","author":"Tseng","journal-title":"IEEE Trans. Netw. Serv. Manage."},{"key":"2024042316183012200_ref11","doi-asserted-by":"crossref","first-page":"1921","DOI":"10.1109\/JSYST.2019.2931813","article-title":"Secure distribution of protected content in information-centric networking","volume":"14","author":"Bilal","journal-title":"IEEE Syst. J."},{"key":"2024042316183012200_ref12","first-page":"1","article-title":"Lasa: Lightweight, auditable and secure access control in icn with limitation of access times","volume-title":"Proceedings of IEEE International Conference on Communications (ICC)","author":"He"},{"key":"2024042316183012200_ref13","first-page":"303","article-title":"In-device proxy re-encryption service for information-centric networking access control","volume-title":"Proceedings of IEEE 43rd Conference on Local Computer Networks (LCN)","author":"Suksomboon"},{"key":"2024042316183012200_ref14","doi-asserted-by":"crossref","first-page":"5","DOI":"10.1109\/TDSC.2017.2672991","article-title":"Accconf: an access control framework for leveraging in-network cached data in the icn-enabled wireless edge","volume":"16","author":"Misra","journal-title":"IEEE Trans. Dependable Secure Comput."},{"key":"2024042316183012200_ref15","first-page":"1","article-title":"Tsls: time sensitive, lightweight and secure access control for information centric networking","volume-title":"Proceedings of IEEE Global Communications Conference (GLOBECOM)","author":"Xia"},{"key":"2024042316183012200_ref16","doi-asserted-by":"crossref","first-page":"1220","DOI":"10.1109\/TNET.2019.2914189","article-title":"A secure, efficient, and accountable edge-based access control framework for information centric networks","volume":"27","author":"Xue","journal-title":"IEEE\/ACM Trans. Netw."},{"key":"2024042316183012200_ref17","doi-asserted-by":"crossref","first-page":"4462","DOI":"10.1109\/TNSM.2021.3096428","article-title":"Fase: fine-grained accountable and space-efficient access control for multimedia content with in-network caching","volume":"18","author":"He","journal-title":"IEEE Trans. Netw. Serv. Manage."},{"key":"2024042316183012200_ref18","doi-asserted-by":"crossref","first-page":"1947","DOI":"10.1109\/TIFS.2013.2286456","article-title":"Achieving secure role-based access control on encrypted data in cloud storage","volume":"8","author":"Zhou","journal-title":"IEEE Trans. Inf. Forensics Secur."},{"key":"2024042316183012200_ref19","first-page":"237","article-title":"Role-based access control","author":"Sandhu","journal-title":"Adv. Comput."},{"key":"2024042316183012200_ref20","doi-asserted-by":"crossref","first-page":"25","DOI":"10.1109\/TCC.2021.3071304","article-title":"Securing organization\u2019s data: a role-based authorized keyword search scheme with efficient decryption","volume":"11","author":"Sultan","journal-title":"IEEE Trans. Cloud Comput."},{"key":"2024042316183012200_ref21","doi-asserted-by":"crossref","first-page":"2381","DOI":"10.1109\/TIFS.2015.2455952","article-title":"Trust enhanced cryptographic role-based access control for secure cloud data storage","volume":"10","author":"Zhou","journal-title":"IEEE Trans. Inf. Forensics Secur."},{"key":"2024042316183012200_ref22","first-page":"1","article-title":"A role-based encryption (rbe) scheme for securing outsourced cloud data in a multi-organization context","author":"Sultan","journal-title":"Trans. Serv. Comput."},{"key":"2024042316183012200_ref23","first-page":"1","article-title":"An encryption-based access control framework for content-centric networking","volume-title":"Proceedings of IFIP networking conference (IFIP networking)","author":"Kuriharay"},{"key":"2024042316183012200_ref24","first-page":"626","article-title":"Nac: Automating access control via named data","volume-title":"Proceedings of IEEE Military Communications Conference (MILCOM)","author":"Zhang"},{"key":"2024042316183012200_ref25","first-page":"114","article-title":"Building a secure mhealth data sharing infrastructure over ndn","volume-title":"Proceedings of the 9th ACM Conference on Information-Centric Networking","author":"Dulal"},{"key":"2024042316183012200_ref26","first-page":"53","article-title":"Ciphertext-policy attribute-based encryption: An expressive, efficient, and provably secure realization","volume-title":"Proceedings of 14th International Conference on Practice and Theory in Public Key Cryptography (PKC\u201911)","author":"Waters"},{"key":"2024042316183012200_ref27","first-page":"295","article-title":"Dynamic universal accumulators for ddh groups and their application to attribute-based anonymous credential systems","volume-title":"Proceedings of The Cryptographers\u2019 Track at the RSA Conference- Topics in Cryptology","author":"Au"},{"key":"2024042316183012200_ref28","article-title":"Supporting non-membership proofs with bilinear-map accumulators","author":"Damg\u00e5rd","journal-title":"Cryptology ePrint Archive"},{"key":"2024042316183012200_ref29","doi-asserted-by":"crossref","first-page":"1020","DOI":"10.1093\/comjnl\/bxp078","article-title":"Protection against denial of service attacks: a survey","volume":"53","author":"Loukas","journal-title":"Comput. J."},{"key":"2024042316183012200_ref30","volume-title":"NDN Project Team Mini-NDN \u2013 a lightweight NDN emulator"},{"key":"2024042316183012200_ref31","first-page":"1","article-title":"A network in a laptop: rapid prototyping for software-defined networks","volume-title":"Proceedings of the 9th ACM SIGCOMM Workshop on Hot Topics in Networks","author":"Lantz"},{"key":"2024042316183012200_ref32","volume-title":"ndnsim: Ndn simulator for ns-3. Technical Report NDN\u20130005, NDN","author":"Afanasyev"},{"key":"2024042316183012200_ref33","volume-title":"The NDN Team Ndn testbed snapshot"},{"key":"2024042316183012200_ref34","first-page":"1045","article-title":"Experimental comparison between geohyperbolic and hyperbolic routing in ndn","volume-title":"Proceedings of IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS)","author":"Dulal"}],"container-title":["The Computer Journal"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/academic.oup.com\/comjnl\/article-pdf\/67\/4\/1572\/57295966\/bxad083.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"syndication"},{"URL":"https:\/\/academic.oup.com\/comjnl\/article-pdf\/67\/4\/1572\/57295966\/bxad083.pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,4,23]],"date-time":"2024-04-23T16:59:48Z","timestamp":1713891588000},"score":1,"resource":{"primary":{"URL":"https:\/\/academic.oup.com\/comjnl\/article\/67\/4\/1572\/7241751"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,8,13]]},"references-count":34,"journal-issue":{"issue":"4","published-online":{"date-parts":[[2023,8,13]]},"published-print":{"date-parts":[[2024,4,21]]}},"URL":"https:\/\/doi.org\/10.1093\/comjnl\/bxad083","relation":{},"ISSN":["0010-4620","1460-2067"],"issn-type":[{"value":"0010-4620","type":"print"},{"value":"1460-2067","type":"electronic"}],"subject":[],"published-other":{"date-parts":[[2024,4]]},"published":{"date-parts":[[2023,8,13]]}}}