A Robust Trust Model for Named-Data Networks

Any future Internet architecture must offer improved protection and resilience over today’s network, which is subject to pervasive and persistent attacks. A recently emerging architecture, Named-Data Network (NDN), treats content as the primitive entity. This leads to decoupling location from identity, security and access, and retrieving content by name. NDN security is based on the establishment of a trustworthy routing mesh, relying on singed routing messages and an appropriate trust model. Signature verification of NDN content merely indicates that it was signed with a particular key. Making this information useful to applications requires managing trust, allowing content consumers to determine acceptable signature keys in a given context. In this paper, we propose a robust trust model for NDN to securely learn public keys of content publishers so that applications can determine what keys are trustworthy. In doing so, the user asks for publisher key recommendations from all entities in its community of trust, which consist of people the user personally knows, as in real world interactions. A local policy is then used to decide consistency of responses, and hence trustworthiness of the publisher’s key. Also, we present a suitable key revocation approach for this model. We then provide a discussion on robustness of this model against various attacks.