Lessons from the past: why data-driven states harm future information-centric networking

Abstract

Information-centric networking (ICN) raises data objects to first class routable entities in the network and changes the Internet paradigm from host-centric connectivity to data-oriented publish/subscribe. We revisit the data-centric paradigm from the perspective of security and resilience and question its applicability in an open, widely distributed routing and forwarding service. Current concepts of content routing are built on data-driven protocol events and thereby introduce a strong coupling of the control to the data plane in the underlying routing infrastructure. In this paper, we explore the vulnerability of the distribution backbone. Based on a straight-forward analytical model we show that local systems cannot be protected from the threats of data-driven state management on an Internet scale. By practical evaluations using the example of the CCNx implementation, we further analyze threats to stability and performance of a data-driven infrastructure that refrains from separating the control from the data plane. We identify intrinsic attack vectors, as well as possibilities and limitations to mitigate them. Our overall findings suggest that major architectural refinements are required prior to global ICN deployment in the real world.