Current network use is dominated by content distribution and retrieval yet current networking protocols are designed for conversations between hosts. Accessing content and services requires mapping from the what that users care about to the network's where. We present Content-Centric Networking (CCN) which uses content chunks as a primitive---decoupling location from identity, security and access, and retrieving chunks of content by name. Using new approaches to routing named content, derived from IP, CCN simultaneously achieves scalability, security, and performance. We describe our implementation of the architecture's basic features and demonstrate its performance and resilience with secure file downloads and VoIP calls.

Networking named content

This is a review of Collected Works of John Tate. Parts I, II, edited by Barry Mazur and Jean-Pierre Serre. American Mathematical Society, Providence, Rhode Island, 2016. For several decades it has been clear to the friends and colleagues of John Tate that a “Collected Works” was merited. The award of the Abel Prize to Tate in 2010 added impetus, and finally, in Tate’s ninety-second year we have these two magnificent volumes, edited by Barry Mazur and Jean-Pierre Serre. Beyond Tate’s published articles, they include five unpublished articles and a selection of his letters, most accompanied by Tate’s comments, and a collection of photographs of Tate. For an overview of Tate’s work, the editors refer the reader to [4]. Before discussing the volumes, I describe some of Tate’s work. 1. Hecke L-series and Tate’s thesis Like many budding number theorists, Tate’s favorite theorem when young was Gauss’s law of quadratic reciprocity. When he arrived at Princeton as a graduate student in 1946, he was fortunate to find there the person, Emil Artin, who had discovered the most general reciprocity law, so solving Hilbert’s ninth problem. By 1920, the German school of algebraic number theorists (Hilbert, Weber, . . .) together with its brilliant student Takagi had succeeded in classifying the abelian extensions of a number field K: to each group I of ideal classes in K, there is attached an extension L of K (the class field of I); the group I determines the arithmetic of the extension L/K, and the Galois group of L/K is isomorphic to I. Artin’s contribution was to prove (in 1927) that there is a natural isomorphism from I to the Galois group of L/K. When the base field contains an appropriate root of 1, Artin’s isomorphism gives a reciprocity law, and all possible reciprocity laws arise this way. In the 1930s, Chevalley reworked abelian class field theory. In particular, he replaced “ideals” with his “idèles” which greatly clarified the relation between the local and global aspects of the theory. For his thesis, Artin suggested that Tate do the same for Hecke L-series. When Hecke proved that the abelian L-functions of number fields (generalizations of Dirichlet’s L-functions) have an analytic continuation throughout the plane with a functional equation of the expected type, he saw that his methods applied even to a new kind of L-function, now named after him. Once Tate had developed his harmonic analysis of local fields and of the idèle group, he was able prove analytic continuation and functional equations for all the relevant L-series without Hecke’s complicated theta-formulas. Received by the editors September 5, 2016. 2010 Mathematics Subject Classification. Primary 01A75, 11-06, 14-06. c ©2017 American Mathematical Society

The collected works

A system and method for securely streaming encrypted digital media content out of a digital container to a user's media player. This streaming occurs after the digital container has been delivered to the user's machine and after the user has been authorized to access the encrypted content. The user's operating system and media player treat the data stream as if it were a being delivered over the Internet (or other network) from a streaming web server. However, no Internet connection is required after the container has been delivered to the user and the data stream suffers no quality loss due to network traffic or web server access problems. In this process of the invention, the encrypted content files are decrypted and fed to the user's media player in real time and are never written to the user's hard drive or storage device. This process makes unauthorized copying of the digital content contained in the digital container virtually impossible.

Secure streaming container

A method for providing unequal allocation of rights among agents while operating according to fair principles, comprising assigning a hierarchal rank to each agent; providing a synthetic economic value to a first set of agents at the a high level of the hierarchy; allocating portions of the synthetic economic value by the first set of agents to a second set of agents at respectively different hierarchal rank than the first set of agents; and conducting an auction amongst agents using the synthetic economic value as the currency. A method for allocation among agents, comprising assigning a wealth generation function for generating future wealth to each of a plurality of agents, communicating subjective market information between agents, and transferring wealth generated by the secure wealth generation function between agents in consideration of a market transaction. The method may further comprise the step of transferring at least a portion of the wealth generation function between agents.

Multifactorial optimization system and method

The Datagram Congestion Control Protocol (DCCP) is a transport
protocol that provides bidirectional unicast connections of
congestion-controlled unreliable datagrams. DCCP is suitable for
applications that transfer fairly large amounts of data and that can
benefit from control over the tradeoff between timeliness and
reliability. [STANDARDS-TRACK]

Datagram Congestion Control Protocol (DCCP)

This document describes the Secure Real-time Transport Protocol (SRTP), a profile of the Real-time Transport Protocol (RTP), which can provide confidentiality, message authentication, and replay protection to the RTP traffic and to the control traffic for RTP, the Real-time Transport Control Protocol (RTCP).

/pdf/the-secure-real-time-transport-protocol-srtp-3rvxgkjhxk.pdf

The Secure Real-time Transport Protocol (SRTP)

The development of cloud computing services is speeding up the rate in which the organizations outsource their computational services or sell their idle computational resources. Even though migrating to the cloud remains a tempting trend from a financial perspective, there are several other aspects that must be taken into account by companies before they decide to do so. One of the most important aspect refers to security: while some cloud computing security issues are inherited from the solutions adopted to create such services, many new security questions that are particular to these solutions also arise, including those related to how the services are organized and which kind of service/data can be placed in the cloud. Aiming to give a better understanding of this complex scenario, in this article we identify and classify the main security concerns and solutions in cloud computing, and propose a taxonomy of security in cloud computing, giving an overview of the current status of security in this emerging technology.

/pdf/a-quantitative-analysis-of-current-security-concerns-and-1ybg9dckty.pdf

A Quantitative Analysis of Current Security Concerns and Solutions for Cloud Computing

This document describes a key management scheme that can be used for
real-time applications (both for peer-to-peer communication and group
communication) In particular, its use to support the Secure Real-time
Transport Protocol is described in detail Security protocols for
real-time multimedia applications have started to appear This has
brought forward the need for a key management solution to support
these protocols [STANDARDS-TRACK]

/pdf/mikey-multimedia-internet-keying-3ga5tuczhl.pdf

MIKEY: Multimedia Internet KEYing

A method of facilitating the lawful interception of an IP session between two or more terminals 12,13, wherein said session uses encryption to secure traffic. The method comprises storing a key allocated to at least one of said terminals 12,13 or to at least one of the subscribers using one of the terminals 12,13, at the terminal 12,13 and at a node 5,8 within a network 1,6 through which said session is conducted, or a node coupled to that network. Prior to the creation of said session, a seed value is exchanged between the terminal 12,13 at which the key is stored and said node 5,8. The key and the seed value are used at both the terminal 12,13 and the node 5,8 to generate a pre-master key. The pre-master key becomes known to each of the terminals 12,13 involved in the IP session and to the network node 5,8. The pre-master key is used, directly or indirectly, to encrypt and decrypt traffic associated with said IP session.

Lawful interception of end-to-end encrypted data traffic

The invention refers to monitoring usage of digital content provided from a content provider (30) over a network (40) to a client system (10). In the client system (10), a logging agent (150) generates and stores information concerning usage of the digital content individually for each usage to be monitored. The generated information is entered in a usage log (170; 175), either stored in the client system (10) or at a trusted party. The logged usage information is also authenticated allowing identification of the client using the associated digital content. The entries (172) of the log (170; 175) may include a representation (172-1) of the content, information about usage quality (172-2) and/or usage time (172-N). The logging agent (150) is preferably implemented in a portable tamper-resistant module (400), e.g. a network subscriber identity module. The module (400) may be pre-manufactured with the logging agent (150), or the agent (150) can be downloaded thereto.

Mats Näslund

Papers

The Secure Real-time Transport Protocol (SRTP)

A Quantitative Analysis of Current Security Concerns and Solutions for Cloud Computing

MIKEY: Multimedia Internet KEYing

Lawful interception of end-to-end encrypted data traffic

Monitoring of digital content provided from a content provider over a network