This repository contains Pollere's evolving work on tools to enable data-centric applications (with a focus on "edge" applications). These tools currently depend on the use of a version of the Named-Data Networking Forwarder (NFD) with Pollere's patches, but a future goal is something less fragile.This repository is organized into directories:
-
tools: contains tools for using trust schema-based security.
-
versec: Includes a description of the VerSec Language for expressing trust rules and a compiler that turns the language into a binary trust schema.
-
include: bespoke transport modules developed and used by Pollere to handle secure data-centric communications:
-
syncps: the pub-sub transport protocol that interfaces with the packet forwarder
-
schema: the run-time library that makes use of the binary trust schema
-
sigmgrs: supplies a range of signing and validation types
-
keydists: [not yet released]
-
-
examples:
- mbps: bespoke transport that provides message-based publish/subscribe
All the modules are header-only C++ 'libraries' so the DCT/include
tree has to be made available to programs using it via a -I
c++ compiler flag or installed in a standard include path like /usr/local/include
. The code requires c++20 and compiles with the current xcode compiler or clang-11 on MacOS and Linux and gcc-9 on Linux. It uses the new c++20 formatted output model which, unfortunately, is not yet in either compiler's standard library. To fill that gap we suggest using the excellent implementation available at https://fmt.dev/latest/index.html. This should be installed somewhere on your system and its include/fmt
directory symlinked from DCT/include
(this distribution has a sample symlink assuming that the fmt
dist was placed in a src
tree at the same level as DCT). Patches available at https://github.com/pollere/NDNpatches will be needed.
The included versec compiler is required to compile new schemas but pre-compiled schemas for the examples are available as a *.scm file in the example source directory. To compile and run an example using the pre-compiled schema, for example, mbps:
- (one time)
cd DCT/tools && make
to build theschema_install
tool to install schema into your NDN PIB. cd DCT/examples/mbps
thenmake
to build the example. If the make is successful, run../../tools/schema_install mbps.scm
to install the example's trust schema then follow the readme or its help text to run it. Don't install trust schemas without installing the ndn-cxx patch and https://github.com/operantnetworks/ndn-ind version b72bbf7e (5March21) or later (otherwise issues with certificate handling may make it difficult to manage your PIB). Ndn-ind b72bbf7e doesn't contain the async-face needed by these tools. To add it, apply the Pollere patch patch.ndn-ind immediately after cloning the Operant Networks ndn-ind github repo.
Some concepts here may be better understood by referencing earlier Pollere work:
Lessons Learned Building a Secure Network Measurement Framework using Basic NDN , K. Nichols, Proceedings of ACM ICN '19, September 24-16, Macao, China (available at http://www.pollere.net/publications.html)
Related talks at http://www.pollere.net/talks.html
See also GitHub.com/pollere/DNMP-v2 for Pollere's first bespoke transport.
Copyright (C) 2021 Pollere, Inc