Mecanismo de garantia de privacidade para aplicações em redes orientadas a conteúdo
| Ano de defesa: | 2016 |
|---|---|
| Autor(a) principal: | |
| Orientador(a): |
Zorzo, Sérgio Donizetti
 |
| Banca de defesa: | |
| Tipo de documento: | Dissertação |
| Tipo de acesso: | Acesso aberto |
| Idioma: | por |
| Instituição de defesa: |
Universidade Federal de São Carlos
Câmpus São Carlos |
| Programa de Pós-Graduação: |
Programa de Pós-Graduação em Ciência da Computação - PPGCC
|
| Departamento: |
Não Informado pela instituição
|
| País: |
Não Informado pela instituição
|
| Palavras-chave em Português: | |
| Palavras-chave em Inglês: | |
| Área do conhecimento CNPq: | |
| Link de acesso: | https://repositorio.ufscar.br/handle/20.500.14289/7748 |
Resumo: | The current use of the Internet differs greatly in relation to its initial design. Internet users are becoming interested in accessing and sharing content regardless of their physical location. For future Internet, information-centric networking is considered a potential solution to many of its current problems. Information-centric networking treats content as the main element in the architecture rather than the host location. Information-centric networking is intended in becoming Internet most efficient and safe, however, as it is still under development, it leaves open the solution to many privacy issues. The privacy concept may cover many different aspects and must be respected by applications. In this work the privacy is considered as the right of the user to control who can access your data. Thus, this work aims to propose a mechanism for applications in Information-centric networking that allow a publisher user to define which users can access their content. To ensure the content confidentiality and hence the user's privacy publisher, the proposed mechanism uses an attribute-based encryption technique, called CP-ABE, which allows the use of access policies that are defined and stored in the content. To enable the immediate revocation of privileges, it is inserted a proxy server that operates in the decryption process. As a proof of concept of the feasibility of the proposed mechanism, an application to share encrypted file was developed. The application adopts an access control policy that limits the decryption only by authorized users. This application was performed on a simulator of the Named-Data Networking architecture, called ndnSIM. Performance tests against major system functions have been performed in order to determine the feasibility and limitations of the mechanism. The tests analyzes the file size after encryption, processing time and RAM memory consumption. The tests concluded that the mechanism is viable in terms of performance. |