Designing and Securing the Future Internet

The Internet was originally designed in an era when devices were tethered and issues of security and privacy were not as critical as they have become today. Recent efforts to redesign the Internet’s architecture have involved the creation of new name-based services that improve upon the notion of DNS and serve as a “narrow waist” for a new generation of network protocols that support advanced mobility-centric services in a flexible manner while also improving security and privacy properties. These name-based services commonly use the concept of “flat,” cryptographically based, globally unique identifiers for network-attached objects, a single abstraction that covers a broad range of communicating objects, from a simple device such as a smartphone to a person, a group of devices or people, content, or even context.

Our new name resolution service has been designed to protect against a variety of attacks on the network infrastructure, and supports policy-driven security and privacy, such as intentional receipt, in which a destination can publish a policy specifying conditions that must be met in order for it to be reached. My work has also involved extending such future Internet designs to support security for the Internet of Things.

Related reading: Secure Name Resolution for Identifier-to-Locator Mappings in the Global Internet