[Ndn-interest] Secure Log-in mechanism in NDN
Junxiao Shi
shijunxiao at email.arizona.EDU
Sun Mar 19 05:19:59 PDT 2017
Hi Jongdeog
First of all, any NDN application, including ndnping, has a "producer and
consumer model". I guess you mean "server and client model". The client can
download from the server, and can upload to the server. During the upload,
the client would act as a producer while the server acts as a consumer.
In web technology, "log-in" means session management. A Windows 7
era example: Alice wants to access her Hotmail mailbox. She visits
hotmail.com, which redirects her to Windows Live ID sign-in page. Over
there, she either types her username and password, or selects a smartcard
via Windows CardSpace. Windows Live ID issues a token (as a browser cookie)
to Alice, which is accepted by hotmail.com and Alice is able to access her
mailbox. When she finishes, pressing sign-out revokes the token so that
nobody else can use it.
The session token / session cookie in web technology is equivalent to
certificate in NDN.
The NDN equivalent of the above, assuming using smartcard, is: Alice issues
a certificate for her Hotmail session and have it signed by her smartcard,
she can then access Hotmail with this certificate. Session ends when the
certificate expires.
The case with username+password is more complicated in NDN, but still
doable: Alice generates a key pair, and sends a certificate request along
with the username+password to Windows Live ID sign-in service (the message
is encrypted by Windows Live ID site's public key). After obtaining a
certificate from Windows Live ID, Alice can issue herself a Hotmail session
certificate.
Yours, Junxiao
On Thu, Mar 9, 2017 at 3:56 PM, Lee, Jongdeog <jlee700 at illinois.edu> wrote:
> Dear all,
>
> Hope all of you are doing fine. I have a question regarding NDN log-in
> mechanism.
>
> Given that we have producer and consumer model, what would be a secure
> (possibly standard) log-in mechanism? Or there is no such thing in NDN
> world by assuming that all producer and consumer have public-private key
> pairs?
>
> Best wishes,
> Jongdeog Lee (JD)
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.lists.cs.ucla.edu/pipermail/ndn-interest/attachments/20170319/8a82df68/attachment.html>
More information about the Ndn-interest
mailing list