Distributed access control for information-centric networking architectures using verifiable credentials.

Information-Centric Networking (ICN) is an emerging paradigm that allows users to retrieve content items securely, independently of their location. Therefore, an item may be stored in a location outside the administrative realm of its owner (e.g., cache, CDN node). In this paper, we propose a solution that allows these 3rd party storage nodes to verify that a user is authorized to access a a particular content item. We consider an SDN-based ICN deployment and we leverage Verifiable Credentials to build chains of trust, as well as to express users' capabilities. With our solution, users can prove authorization using a single message that can be integrated into a content request. Additionally, verifying entities do not have to store any secret. Our solutions support delegation, and it is lightweight. [ABSTRACT FROM AUTHOR]