Access Control Enforcement Delegation for Information-Centric Networking Architectures
Information is the building block of Information Centric Networks (ICNs). Access control policies limit information dissemination to authorized entities only. Defining access control policies in an ICN is a non-trivial task as an information item may exist in multiple copies dispersed in various network locations, including caches and content replication servers. In this paper, the authors propose an access control enforcement delegation scheme which enables the purveyor of an information item to evaluate a request against an access control policy, without having access to the requestor credentials nor to the actual definition of the policy.