Content-centric networking (CCN) becomes an imminent Internet architecture that emphasizes the data-centric approach for information retrieval instead of searching for the hosts in the network. CCN offers data (content) caching and its distribution capabilities to reduce average latency, the load of data servers, and improve network bandwidth utilization during content delivery. In this direction, the performance of node degree centrality and distance-based autonomous caching strategies have been investigated. Then, a novel content caching strategy called content placement based on normalized node degree and distance (CPNDD) is proposed. The CPNDD scheme considers content provider distance and node degree centrality parameters together to select the optimal cache locations for comprehensive utilization of the available caching capacities and a further reduction in average latency during content retrieval. The weights for these caching parameters have been determined via widespread simulations on the Abilene networks. The proposed caching scheme is implemented and tested in the simulated environment of ndnSIM and compared with peer competing schemes in CCN. The execution outcomes are examined for different caching capacities (50 and 100), Zipf popularity skewness factors (0.7 and 1.0) and request rates (50/s and 100/s). The simulation executions illustrate that CPNDD caching strategy escalates the cache hit probability and hop-reduction ratio up-to $$8\%$$
 and $$9\%$$
 as compared to existing schemes. Hence, the proposed content placement scheme improves the performance of CCN networks considerably and makes it suitable for the applications of Industry 4.0.

An efficient content placement scheme based on normalized node degree in content centric networking

Network coding has been proposed to be built into Named Data Networking (NDN) for achieving efficient simultaneous content delivery. Network coding allows intermediate nodes to perform arbitrary coding operations on Data packets. One salient feature of NDN is its content-based security by protecting each Data packet with a signature signed by its publisher. However, in the network coding-based NDN, it remains unclear how to securely and efficiently sign a recoded Data packet at an intermediate router. This work proposes a mechanism to enable linearly homomorphic signatures in network coding-based NDN so as to directly generate a signature for a recoded Data packet by combining the signatures of those Data packets on which the recoding operation is performed.

Enabling Linearly Homomorphic Signatures in Network Coding-based Named Data Networking

The Information-Centric Networking (ICN) provides a new data dissemination Internet paradigm to support the communication services that will meet the end-users’ modern requirements. ICN focuses on transmitting data rather than physical locations. It offers a cache-able environment to fulfill future requirements and delivers communication services with less congestion and bandwidth in a network. The current Internet needs to enhance its architectural design for information distribution by reducing the end-to-end communication practices. ICN-based architecture aims to fulfill the end-users’ requirements and provide a better communication system compared to the current Internet system. ICN implements in-network caching (storage) to facilitate unicast and multicast mechanisms at the same time to deploy efficient and appropriate transmission of the desired information. In this situation, temporary storage is deployed all over the network to serve the requested objects (contents). In the last few years, ICN has shown up as engineering to replace the Internet design. In this paper, a comprehensive study about ICN-based caching mechanisms to enhance the IP-based Internet technologies is presented and analyzes the possible benefits using caching with the Internet of Things, Blockchain, Software Defined Network, 5G, genomic data sets, fog, and edge computing. In the end, the ICN-based caching strategies are mentioned that provide a diverse solution to deal with IP-based Internet technologies in an efficient way to deliver fast data dissemination.

/pdf/elastic-caching-solutions-for-content-dissemination-services-1txa26oafy.pdf

Elastic caching solutions for content dissemination services of ip-based internet technologies prospective

Detecting deadlocks has been considered an important problem in distributed systems. Many approaches are proposed to handle this issue; however, little attention has been paid on coordinating concurrent execution of distributed deadlock detection algorithms. Previous approaches may report incorrect results false negatives, and they are inefficient due to lack of proper coordination of concurrent execution. In this paper, we present a novel concurrent coordination algorithm for distributed generalized deadlock detection. The proposed algorithm aims to avoid false negatives and improve the performance when concurrently executing deadlock detection in a distributed system. Our algorithm adopts diffusion computation to distribute probe messages and employs priority-based method to coordinate concurrent algorithm instances. Priority carried in the received probe messages will be locally recorded by each initiator. Instead of being suspended by higher priority algorithm instances, lower priority algorithm instances can accomplish deadlock detection locally. The initiator with the highest priority will receive and collect all related resource requests information from lower priority instances in a hierarchical manner and perform global deadlock detection at last. We evaluate our algorithm on a bunch of event-driven simulations. The experimental results show that our approach can achieve better accuracy and efficiency compared to previous approaches.

A Novel Concurrent Generalized Deadlock Detection Algorithm in Distributed Systems

pit/"LESS: Stateless Forwarding in Content Centric Networks

Industrial Internet identifiers have the characteristics of heterogeneity, off-site, and foreign ownership. Traditional identifier systems encountered many problems, such as IP address exhaustion or difficulty in addressing and routing, which cannot meet the demands of numerous heterogeneous and interoperable Industrial Internet objects. At the same time, they also face various security risks. In this article, we propose multi-identifier network for Industrial Internet of Things (MIN-IIoT), a universal identifier system named multi-identifier network architecture for Industrial Internet, which supports the coexistence of multiple identifiers, such as identity, content names, services, locations, and IP addresses. MIN-IIoT establishes a unified identifier system and puts forward a series of identifier management methods, including identifier registration, addressing, mutual translation, and route forwarding. In addition, all identifier information is stored in a hierarchical consortium blockchain to ensure that they are authentic and immutable. Identity authentication, Proof of Vote (PoV)-based consensus algorithm, and trusted computing technology effectively protect the security of MIN-IIoT. Meanwhile, MIN-IIoT is convenient for deployment in various complex Industrial field environments. The extensive experiments show that MIN-IIoT has better performance in identifier management of Industrial Internet than traditional methods.

Scalable Identifier System for Industrial Internet Based on Multi-Identifier Network Architecture

To detect and resolve distributed deadlocks in the generalized model, a few algorithms have been proposed. Most of them are distributed algorithms which are based on the diffusing computation technique where propagation of probes and backward propagation of replies are required. On the contrary, centralized algorithms send the dependency information directly to the initiator. However, existing algorithms do not distinguish local deadlocks from global deadlocks. In this paper, we present a semi-centralized algorithm which effectively detects and resolves local deadlocks prior to global deadlocks. To be specific, a consistent snapshot of dependency information of involved nodes is recorded in an information table at each site. Therefore, the detection and resolution of local deadlocks can be performed at each site before the dependency information is sent to the initiator to further detect global deadlocks. The proposed algorithm also handles the problem of phantom edges and concurrent executions. Performance analysis shows that the performance of our algorithm is close to or better than that of the existing algorithms in terms of execution time, message traffic and message size.

A Semi-centralized Algorithm to Detect and Resolve Distributed Deadlocks in the Generalized Model

Content-Centric Networking (CCN), is built on the notion of content-based security. With the integration of Network Coding (NC) into CCN to contribute to the best performance, security, one of the key features of CCN has been left behind. Though the permission for encoding/recoding content packets at producers and intermediate routers provides performance benefits, it also introduces additional security issues and disables existing security practices. In this paper, we fill the gap by analyzing new security challenges brought accordingly and proposing an Autonomous Systems (AS-s) based security mechanism for NC applications in CCN. It can not only guarantee the optimal performance of NC, but also offer the assurance for Integrity, Origin Authentication and Correctness of content packets, together with proving trustworthiness among border routers. More importantly, we also shed light on the performance issues and implementation problems of the mechanism.

An Autonomous System Based Security Mechanism for Network Coding Applications in Content-Centric Networking

The network security in the industrial control system of nuclear power enterprises is related to nuclear power security, and its own characteristics put forward higher requirements for the safety protection system. The traditional passive defense measures of “blocking and killing” cannot fundamentally solve the safety requirements of the industrial control system, which has led to the continuous emergence of nuclear power system safety accidents due to network attacks. Trusted computing technology can timely discover the ongoing network attacks, predict and identify potential attacks through situation awareness and other technologies, and take corresponding measures to block attacks. Application scenarios of Trusted Computing 3.0 in the industrial control system of nuclear power enterprises are discussed, including the overall framework of the system, the construction of trusted nodes, the deployment of the system, and the creation of the whole security system. It provides a powerful guarantee for the safe operation of the industrial control system of nuclear power enterprises.

Research on Application of Trusted Computing 3.0 in Industrial Control System of Nuclear Power Plant

Recently, more and more mobile devices have been connected to the Internet. The Internet environment is complicated, and network security incidents emerge endlessly. Traditional blocking and killing passive defense measures cannot fundamentally meet the network security requirements. Inspired by the heuristic establishment of multiple lines of defense in immunology, we designed and prototyped a Double Defense strategy with Endogenous Safety and Security (DDESS) based on multi-identifier network (MIN) architecture. DDESS adopts the idea of a zero-trust network, with identity authentication as the core for access control, which solves security problems of traditional IP networks. In addition, DDESS achieves individual static security defense through encryption and decryption, consortium blockchain, trusted computing whitelist, and remote attestation strategies. At the same time, with the dynamic collection of data traffic and access logs, as well as the understanding and prediction of the situation, DDESS can realize the situation awareness of network security and the cultivation of immune vaccines against unknown network attacks, thus achieving the active herd defense of network security.

/pdf/towards-double-defense-network-security-based-on-multi-edqhgjlu.pdf

Yunmin Wang

Papers

Scalable Identifier System for Industrial Internet Based on Multi-Identifier Network Architecture

A Semi-centralized Algorithm to Detect and Resolve Distributed Deadlocks in the Generalized Model

An Autonomous System Based Security Mechanism for Network Coding Applications in Content-Centric Networking

Research on Application of Trusted Computing 3.0 in Industrial Control System of Nuclear Power Plant

Towards Double Defense Network Security Based on Multi-Identifier Network Architecture