1 / 13

Domain name service for Named Data Networking

Domain name service for Named Data Networking. In proceedings of the 26th International Conference on Computer Communications and Networks (ICCCN), July 2017 Alexander Afanasyev , Xiaoke Jiang, Yingdi Yu, Jiewen Tan, Yumin Xia, Allison Mankin , and Lixia Zhang. Outline. Background

hockenberry
Download Presentation

Domain name service for Named Data Networking

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Domain name service for Named Data Networking In proceedings of the 26th International Conference on Computer Communications and Networks (ICCCN), July 2017 Alexander Afanasyev, Xiaoke Jiang, Yingdi Yu, Jiewen Tan, Yumin Xia, Allison Mankin, and LixiaZhang

  2. Outline • Background • DomainNameSystem(DNS) • NDNDNS(NDNS) • Conclusion

  3. Background • DNS • ThemainpurposeofDNSistoresolvehuman-readablehostnameintoIPaddress. • NDNS • NDNScouldsupporttheconsumertogettheforwardinghint. • Forwardinghint–Iftheconsumersendaninterestwhichisunreachable,theforwardinghintcoulddirecttheinteresttotheprefixwhichcouldreachtheproducer.

  4. DNS

  5. (Iterativequery) 1.Whereiswww.google.com 2.Whereiswww.google.com . Client LocalDNS 3.Idon’tknow,buthereisthenameserverof“com” (Recursivequery) 4.Whereiswww.google.com com Cached NoRecord 5.Idon’tknow,buthereisthenameserverof“google” 2.(8)TheIPaddressis172.217.27.132 6.Whereiswww.google.com google 7.Iknow,theIPaddressis172.217.27.132

  6. DNSSecurityExtensions(DNSSEC) • WhydoweneedDNSSEC?Ifyouqueryfor“www.google.com”,thecorrectIPaddressshouldbe172.217.27.132,butitreturntheotheronewhichmaystealsomepersonalinformation. • DNSSECpurpose: • Dataintegrity • OriginauthenticationofDNSdata • Authenticateddenialofexistence

  7. DigitalSignature Signing RSA–PrivateKey MD5,SHA HashValue Data DigitallySignedData Verification MD5,SHA Check HashValue1 Data RSA–PublicKey DigtallySignedData HashValue2

  8. DNSKEY(KSK) DNSKEY(ZSK) RRSIGZSK RRSIGRRset DS KeySigningKeys(KSK) ZoneSigningKeys(ZSK) ResourceRecordSigature(RRSIG) DelegationSigner(DS) com DNSKEY(KSK) DNSKEY(ZSK) RRSIGZSK RRSIGRRset RRset google.com MD5,SHA MD5,SHA MD5,SHA Check Check Check KSK ZSK HashValue1 HashValue1 RRset HashValue1 KSK–PublicKey ZSK–PublicKey RRSIGZSK DS HashValue2 HashValue2 RRSIGRRset HashValue2

  9. NDNS • Recursivequery–Ifthedataiscached,theconsumercouldusetheprefix“NDNS-R”topresentarecursivequery. “/NDNS-R/net/ndnsim/www/TXT”(TheclosestNDNS) “/com/google/NDNS-R/net/ndnsim/www/TXT”(TheNDNSofgoogle) • Iterativequery–Ifthedataisnotcached,theiterativequerywouldbelookedlike“/NDNS/zone_name/NS”.

  10. Label Itcouldberepresentasservices(ex:WebService)orapplications. Type TXTFree-formed text record NSForwarding hints CERTNDNS public key certificates APPCERTApplications certificate

  11. /ucla/cs+/net/ndnsim… /net/ndnsim /ucla/cs /net/ndnsim+…

  12. NDNSSecurity

  13. Conclusion • NDNScanmakethattheproducerswhoarenotintheglobalnetworkcouldbereachable. • NDNSisaexamplethatevenweportthesimilarmechanismfromIPtoNDN,it’susecouldbedifferentfromtraditionalmethod.

More Related