Securing network content

Citation

Smetters, D. K.; Jacobson, V. Securing network content. PARC TR-2009-1; 2009 October.

Abstract

Current networks derive their security from a communication model. The security of content is determined by who (what host) you retrieved that content from, and the properties of the communication channel over which you retrieved it — was it encrypted, authenticated, and so on. Such security is transient, evaporating after the connection ends, and not transitive — everyone wanting a piece of content must get it from “the horse’s mouth” in order to trust it. We propose a more scalable model wherein content itself is secured, rather than the connections over which it travels. By authenticating content itself with digital signatures, and adding the ability to retrieve that content by name rather than by the identity of the host on which it happens to be stored, we can build networks with a number of desirable security and performance properties. To make content-based security practical and effective, we argue that we must authenticate the linkage between (arbitrary) names and content, rather than merely authenticating the content or its publisher. We introduce a specific proposal for securing named content effective for both current and future, potentially content-based networks.
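
The distinction the abstract draws between authenticating content and authenticating the linkage between a name and content, shown as an added Go example that is not taken from the report. The names, sample content, message encoding and the choice of Ed25519 are assumptions made for illustration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"encoding/binary"
	"fmt"
)

// bind builds the message to sign: a length-prefixed name followed by the
// SHA-256 digest of the content (an assumed encoding, not the report's format).
func bind(name string, content []byte) []byte {
	msg := make([]byte, 8, 8+len(name)+sha256.Size)
	binary.BigEndian.PutUint64(msg, uint64(len(name)))
	msg = append(msg, name...)
	digest := sha256.Sum256(content)
	return append(msg, digest[:]...)
}

// SignBinding authenticates the linkage between a name and its content.
func SignBinding(priv ed25519.PrivateKey, name string, content []byte) []byte {
	return ed25519.Sign(priv, bind(name, content))
}

func VerifyBinding(pub ed25519.PublicKey, name string, content, sig []byte) bool {
	return ed25519.Verify(pub, bind(name, content), sig)
}

// SubstitutionAccepted reports whether content published under one name is
// accepted as the answer for another name, under each signing approach.
func SubstitutionAccepted() (contentOnly, binding, honest bool) {
	pub, priv, err := ed25519.GenerateKey(nil) // nil selects crypto/rand
	if err != nil {
		panic(err)
	}
	const requested, other = "/example/prices/2009", "/example/prices/2008" // constructed names
	stale := []byte("widget: 10 USD") // constructed content published under `other`
	fresh := []byte("widget: 12 USD") // constructed content published under `requested`
	// A cache answers a request for `requested` with `stale` and its valid signature.
	contentOnly = ed25519.Verify(pub, stale, ed25519.Sign(priv, stale))
	binding = VerifyBinding(pub, requested, stale, SignBinding(priv, other, stale))
	honest = VerifyBinding(pub, requested, fresh, SignBinding(priv, requested, fresh))
	return
}

func main() {
	fmt.Println(SubstitutionAccepted())
}
```

A signature over the content alone still verifies when genuine content is returned under the wrong name, while the signature over the name and content together does not.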

