Electronic International Standard Serial Number (EISSN)
1095-8592
abstract
The evolution of the Internet has resulted in the deployment of new application-level solutions to enhance the scalability and efficiency of content dissemination (e.g., content delivery networks and peer-to-peer systems). However, despite this improvement in performance, the use of this type of solution introduces new security concerns, as a content provider must necessarily delegate the role of distributing the content to third parties, and current security solutions, such as TLS and IPsec, do not allow authenticating the original content provider or the content itself in these scenarios. In this paper, we present SCoT, a transport-layer protocol that allows a content provider to bind protection to content, enabling content authentication at receivers regardless of any third-party infrastructures that have been used to disseminate the content. Content authentication procedures are executed transparently to end-user applications. We implemented a fully operational prototype of the protocol in Java, including an API to support the development of SCoT applications. We used it to configure an experimentation scenario that served to validate a theoretical analysis of the SCoT throughput and to illustrate the performance that can be achieved in a practical deployment. The paper concludes by describing a set of use cases of the protocol.
Classification
subjects
Telecommunications
keywords
transport security; content authentication; content distribution