CAJ | 학술논문

信息中心网络（information-centric networking，ICN）已经成为下一代网络架构研究的新热点。针对 Net-Inf（network of information）架构下，由于无效的数据注册，NRS 在发布阶段容易受伪装和内容投毒攻击，提出在发布和检索之前增加一个注册阶段，并集成认证和授权方案；该阶段在主机访问 NetInf 系统之前，对其进行身份认证并采用基于能力的访问策略来解决未经授权的访问问题。通过形式化方法验证，该方法提高了 NetInf 框架的安全性。
신식중심망락（information-centric networking，ICN）이경성위하일대망락가구연구적신열점。침대 Net-Inf（network of information）가구하，유우무효적수거주책，NRS 재발포계단용역수위장화내용투독공격，제출재발포화검색지전증가일개주책계단，병집성인증화수권방안；해계단재주궤방문 NetInf 계통지전，대기진행신빈인증병채용기우능력적방문책략래해결미경수권적방문문제。통과형식화방법험증，해방법제고료 NetInf 광가적안전성。
Information-centric networking(ICN)has been a novel hotspot in the field of future Internet architecture.Aiming at NRS is vulnerable to masquerading and content poisoning attacks in the NetInf,because of invalid data registration,this pa-per proposed a registration stage,which integrated authentication and authorization scheme and took place before the publica-tion and retrieval.The stage authenticated hosts before they accessed the NetInf system.In addition,the registration stage used the capability-based access policies to solve the problem of unauthorized access.It formally verified the proposed schemes by using formal methods.The results show the schemes improves the security of the NetInf framework.