Modern digitally controlled systems require multiparty authentication and authorization to meet the desired security requirements. This paper describes the design and development of NDN-MPS, an automated solution to support multiparty signature signing and verification for NDN-enabled applications. NDN-MPS suggests several changes and extensions to the existing NDN security solutions. First, it introduces a new type of trust schema to support signing and verification for multiple signers under complex policies such as threshold schemes. Second, it extends the NDN signature format to accommodate multisignature schemes such as BLS signatures. Third, it introduces a signature collection protocol to solicit signatures securely from multiple signers. We further evaluate NDN-MPS by assessing its security properties and measuring its performance.