Information-Centric Networking (ICN) is an innovative technology that provides low-loss, low-latency, high-throughput, and high-reliability communications for diversified and advanced services and applications. In this article, we present a technical survey of ICN functionalities such as in-network caching, routing, transport, and security mechanisms, as well as recent research findings. We focus on CCNx, which is a prominent ICN protocol whose message types are defined by the Internet Research Task Force. To facilitate the development of functional code and encourage application deployment, we introduce an open-source software platform called Cefore that facilitates CCNx-based communications. Cefore consists of networking components such as packet forwarding and in-network caching daemons, and it provides APIs and a Python wrapper program that enables users to easily develop CCNx applications for on Cefore. We introduce a Mininet-based Cefore emulator and lightweight Docker containers for running CCNx experiments on Cefore. In addition to exploring ICN features and implementations, we also consider promising research directions for further innovation.

In this work, we propose general, practical and accurate models to analyze the performance of multi-cache systems, in which a cache forwards its miss stream (i.e., requests which have not found the target item) to other caches. We extend a miss stream modeling technique originally known as Melazzi's approximation, which provides a simple but accurate approximate analysis for caches with cascade configurations. We consider several practical replication strategies, which have been commonly adopted in the context of ICN, taking into account the effects of temporal locality. Also, we capture the existing state correlations between neighboring caches by exploiting the cache eviction time. Our proposed models to handle traffic patterns allow us to go beyond the standard Poisson approximation under Independent Reference Model. Our results, validated against simulations, provide interesting insights into the performance of multi-cache systems with different replication strategies.

Named Data Networking (NDN) has emerged as an alternative to traditional IP-based networking for the achievement of Information-Centric Networking (ICN). Currently, most NDN is deployed over IP networks, but such an overlay deployment increases the transport network overhead due to the use of dual network control planes (NDN routing and IP routing). Software-Defined Networking (SDN) can be used to mitigate the network overhead by forwarding NDN packets without the use of IP routing. However, to deploy NDN over SDN, a variable NDN content name needs to be mapped to a fixed-size match field in an OpenFlow switch flow table. For efficient support of such a mapping task, we propose a new architecture that uses dual name for content: content name and Name Tag. The Name Tag is derived from the corresponding content name and is a legitimate IPv6 address. By using the proposed Name Tag, the SDN with an NDN control application can transport an IPv6 packet that encapsulates an NDN packet for an NDN name-based routing. We emulate the proposed architecture using Mininet and verify that it is feasible.

Enforcing access control policies in Information-Centric Networking (ICN) is difficult due to there being multiple copies of contents in various network locations. Traditional Access Control List (ACL)-based schemes are ill-suited for ICN, because all potential content distribution servers should have an identical access control policy or they should contact a centralized ACL server whenever their contents are accessed by consumers. To address these problems, we propose a distributed capability access control scheme for ICN. The proposed scheme is composed of an internal capability and an external capability. The former is included in the content and the latter is added to a request message sent from the consumer. The content distribution servers can validate the access right of the consumer through the internal and external capabilities without contacting access control policies. The proposed model also enhances the privacy of consumers by keeping the content name and consumer identification anonymous. The performance analysis and implementation show that the proposed scheme is feasible and more efficient than other access control schemes.