Lighthouse: Securing the Transition Toward the Future Internet


The Internet has been an unprecedented and lasting success story, fueled by the simplicity of its architectural design grounded on the Internet Protocol (IP). Nonetheless, several limitations of IP have been emerging in recent years, due to the unexpected shift in the Internet usage (mainly due to increased mobility, number of connected devices, network-based services, and distributed content production). Information-Centric Networking (ICN) paradigm (pivoted on content distribution, rather than hosts "connection") has been proposed as a possible replacement for the current IP-based host-centric Internet infrastructure. A significant effort has been already put by Governments, Industry and Academia to assess the feasibility and effectiveness of ICN. While results are promising and research, implementation, and testing efforts are continuing restless, an aspect has been widely underestimated: a smooth and secure transition from current IP-world to the "future" ICN-world, which is only possible through a long period of co-existence of ICN-based Internet "islands" in the IP-based Internet "ocean". In fact, researchers put most of the effort in the possible final architecture: taking into account security issues, but ignoring what will happen during the "transition" phase (in which both the old and the new architectures coexist). While some few recent proposals focused on co-existence architectures, as shown in Figure 1, none of them considered yet the security aspect. At the University of Padua, the SPRITZ team has started working on the security of the coexistence between TCP/IP and ICN network architectures by opening a new research track, setting up worldwide distributed testbeds and searching for fundings. The aim is to make the secure transition toward the future Internet happen by designing the first complete and secure coexistence architecture and providing novel solutions to face all the identified vulnerabilities and attacks. Such secure coexistence architecture will be implemented first in a virtualized environment and, then, deployed in the real world scenario.

Figure 1 - Overview of the existing coexistence architectures.

Coexistence Testbeds

Location Responsible Person Testbed Type Testbed Information
University of Padua Prof. Mauro Conti Worldwide NDN testbed node Physical machine
Private full NDN network Raspberry Pi 3; RIOT OS
University of Sapienza Prof. Riccardo Lazzeretti Worldwide NDN testbed node Physical machine
Private full NDN network Raspberry Pi 3; RIOT OS
Delft University of Technology Dr. Chhagan Lal Worldwide NDN testbed node
Physical machine
Private full NDN network
Raspberry Pi 3; RIOT OS
KTH Royal Institute of Technology Dr. Muhammad Hassan Raza Khan Worldwide NDN testbed node
Physical machine