By moving computing resources close to where they are needed (i.e., the network edges), edge computing can significantly reduce burden on the centric cloud data centers. However, extreme scale of on-line big data may impose a significant burden on the network backbones. Information-centric edge networking can address this challenge by incorporating in-network caching into edge networks. This however, opens a door for many new security issues and requires various security defenses. One of those is efficient access control design specifically for information-centric edge networking. In this work, we aim to design an efficient and secure access control scheme for information-centric edge networking. In our design, we propose the confidentiality-enhanced network coding which can ensure that, without having access to the authorization key, the attacker will not be able to obtain the original content. And thanks to the properties of confidentiality-enhanced network coding, highly efficient access control can be realized by encrypting only part of the encoding matrix. In addition, our design can allow efficiently revoking users. Security analysis and experimental evaluation on NS3 demonstrate that our scheme can successfully enforce access control in information-centric edge networking with a small overhead.

中文翻译：

---

在以信息为中心的边缘网络中实施访问控制

通过将计算资源靠近需要的地方（即网络边缘），边缘计算可以显着减轻中心云数据中心的负担。然而，超大规模的在线大数据可能会给网络骨干带来巨大的负担。以信息为中心的边缘网络可以通过将网络内缓存整合到边缘网络中来解决这一挑战。然而，这为许多新的安全问题打开了一扇门，需要各种安全防御。其中之一是专门针对以信息为中心的边缘网络的高效访问控制设计。在这项工作中，我们旨在为以信息为中心的边缘网络设计一种高效且安全的访问控制方案。在我们的设计中，我们提出了保密性增强的网络编码，它可以确保在无法访问授权密钥的情况下，攻击者将无法获得原始内容。并且由于网络编码具有保密性增强的特性，只需对编码矩阵的一部分进行加密就可以实现高效的访问控制。此外，我们的设计可以允许有效地撤销用户。NS3 上的安全分析和实验评估表明，我们的方案可以以很小的开销成功地在以信息为中心的边缘网络中实施访问控制。