Feature #3161

Updated by Junxiao Shi about 9 years ago

Logically partition the ContentStore according to the Link object used to retrieve Data packets.

 **Necessity** 
 Forwarding with Link leads to concerns about cache poisoning.   
 For example, Eve may express an Interest ndn:/victim/index.html with Link [{10,ndn:/eve2}], and set up a producer in the ndn:/eve2 network to return fake Data for ndn:/victim/index.html. 
 NFD does not validate signatures on this Data because it lacks the trust model to do so, and will admit this Data into the ContentStore. 
 After that, Interests for ndn:/victim/index.html will match the cached Data, even if it has no Link object, or the Link object points to a different routable prefix. 

 **Solution** 
 The ContentStore should be logically partitioned according to the Link object.   
 A cached Data is stored along with the Link object used to retrieve it; this applies to the consumer region and the Internet, but not within the producer region, where Link delegations are ignored. 
 An incoming Interest with a Link object can be satisfied by a cached Data if the cached Data has no Link object or has the same Link object.   
 This solution reduces cache poisoning to be no worse than a network without Link objects, because each Link object has its own logical ContentStore, so that Eve's fake Data cannot affect Interests without Eve's Link object. 
 It's safe to use a Data with no Link object, because this Data has been retrieved via routable prefix; the risk of cache poisoning is no worse than previous; it's also beneficial because it allows an Interest to be satisfied by cached Data as soon as it enters the producer region regardless of what Link object it carries. 
 The cost of this solution is that the same Data may be stored multiple times with different Link objects, but this can happen only during an attack with Eve's Link object, or when the producer has published multiple Link objects. 

 This issue includes: 

 * CS index: logically partition the index by Link object 
 * CS insert: accept "Link object used for Data retrieval" as a parameter 
 * CS lookup: if Interest has Link object, match a Data only if it has no Link object or has the same Link object 

 NFD Developer Guide should be updated as part of this issue.   
 Changes in forwarding are necessary to pass a Link object to the CS insert procedure, but they are not part of this issue.
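
A minimal model of the insert and lookup rules listed above, added here as an illustration (it is not NFD code and not part of the issue). Assumptions: a Link object is reduced to a string key, an Interest without a Link matches only Data stored without a Link, and Data stored under the same Link is tried before Data stored with no Link.

```cpp
#include <cstddef>
#include <iostream>
#include <map>
#include <string>
#include <utility>

// Simplified model (assumption): a Link object is reduced to a string key,
// and the empty string means "no Link object".
typedef std::string Name;
typedef std::string LinkKey;
const LinkKey NO_LINK = "";

class PartitionedCs {
public:
  // CS insert: the Link object used for Data retrieval is a parameter.
  // Inside the producer region the caller passes NO_LINK (delegations ignored).
  void insert(const Name& name, const std::string& data, const LinkKey& link) {
    m_index[std::make_pair(name, link)] = data;
  }

  // CS lookup: Data matches if it was stored under the same Link object or
  // with no Link object. Assumptions: same-Link Data is tried first, and an
  // Interest without a Link matches only Data stored without a Link.
  const std::string* find(const Name& name, const LinkKey& interestLink) const {
    Index::const_iterator it = m_index.find(std::make_pair(name, interestLink));
    if (it == m_index.end() && interestLink != NO_LINK)
      it = m_index.find(std::make_pair(name, NO_LINK));
    return it == m_index.end() ? nullptr : &it->second;
  }

  // Number of stored copies; the same name can appear once per Link object.
  std::size_t size() const { return m_index.size(); }

private:
  typedef std::map<std::pair<Name, LinkKey>, std::string> Index;
  Index m_index;
};

int main() {
  const Name name = "ndn:/victim/index.html";
  PartitionedCs cs;
  cs.insert(name, "fake", "[{10,ndn:/eve2}]");  // Eve's poisoned entry
  std::cout << "no Link:    " << (cs.find(name, NO_LINK) ? "hit" : "miss") << "\n";
  std::cout << "Eve's Link: " << (cs.find(name, "[{10,ndn:/eve2}]") ? "hit" : "miss") << "\n";
  return 0;
}
```

The poisoned entry is reachable only through Eve's own Link object, and each additional Link object used to retrieve the same name adds one stored copy, which is the storage cost the description mentions.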
