Security and Privacy Analysis of National Science Foundation Future Internet Architectures

The Internet protocol (IP) is the lifeblood of the modern Internet. Its simplicity and universality have fueled the unprecedented and lasting global success of the current Internet. Nonetheless, some limitations of IP have been emerging in recent years. Furthermore, starting in mid-1990s, the advent of mobility, wirelessness, and the Web substantially shifted Internet usage and communication paradigms. This accentuated long-term concerns about the current Internet architecture and prompted interest in alternative designs. The U.S. National Science Foundation (NSF) has been one of the key supporters of efforts to design a set of candidate next-generation Internet architectures. As a prominent design requirement, NSF emphasized "security and privacy by design" in order to avoid the long and unhappy history of incremental patching and retrofitting that characterizes the current Internet architecture. To this end, as a result of a competitive process, four prominent research projects were funded by the NSF in 2010: nebula, named-data networking, MobilityFirst, and expressive Internet architecture. This paper provides a comprehensive and neutral analysis of salient security and privacy features (and issues) in these NSF-funded future Internet architectures. Prior surveys on future Internet architectures provide a limited, or even no, comparison on security and privacy features. In addition, this paper also compares the four candidate designs with the current IP-based architecture and discusses similarities, differences, and possible improvements.