Inventors: Christopher A. Wood and Glenn C. Scott

RELATED APPLICATIONS

[0001] The subject matter of this application is related to the subject matter in the following applications:

U.S. Patent Application No. 13/847,814 (Attorney Docket No. PARC -20120537-

US-NP), entitled "ORDERED-ELEMENT NAMING FOR NAME-BASED PACKET FORWARDING," by inventor Ignacio Solis, filed 20 March 2013 (hereinafter "U.S. Pat. App. No. 13/847,814"); and

U.S. Patent Application No. 12/338,175 (Attorney Docket No. PARC -20080626- US-NP), entitled "CONTROLLING THE SPREAD OF INTERESTS AND CONTENT

IN A CONTENT CENTRIC NETWORK," by inventors Van L. Jacobson and Diana K. Smetters, filed 18 December 2008 (hereinafter "U.S. Pat. App. No. 12/338,175");

the disclosures of which are herein incorporated by reference in their entirety. BACKGROUND Field

[0002] This disclosure is generally related to distribution of digital content. More specifically, this disclosure is related to a method and system for providing an extension to CCN routing protocols that enables a consumer to generate routable prefix queries and determine the minimum number of cleartext name components necessary for an interest to reach a producer in a content centric network.

Related Art

[0003] The proliferation of the Internet and e-commerce continues to create a vast amount of digital content. Content centric network (CCN) architectures have been designed to facilitate accessing and processing such digital content. A CCN includes entities, or nodes, such as network clients, forwarders (e.g., routers), and content producers, which communicate with each other by sending interest packets for various content items and receiving content object packets in return. CCN interests and content objects are identified by their unique names, which are typically hierarchically structured variable length identifiers (HSVLI). An HSVLI can include contiguous name components ordered from a most general level to a most specific level.

[0004] A producer can encrypt the payload of a content object and only distribute keys to authorized consumers. For example, the producer can generate a random symmetric nonce key "k" for a content object "C," encrypt the payload of C using k, and publish the encrypted content obj ect C. The producer can also encrypt k under another key (so that only authorized users can perform decryption), and publish the encrypted nonce key. A consumer can request the content obj ect C and the corresponding nonce key k, both of which are encrypted. The consumer may request or obtain additional information needed to decrypt the encrypted nonce key, based on the specific access control scheme. The consumer can then decrypt the encrypted nonce key using his private credentials (e.g., the additional information), and subsequently decrypt the encrypted payload of content object C using the decrypted nonce key. In such a hybrid encryption scheme, the producer must maintain the content object C (in both plaintext and encrypted form), the nonce key k in plaintext, and the nonce key k in encrypted form for each different access control group allowed to access the content object C. Additionally, the producer must also maintain authorization information that indicates which access control groups are permitted to access which content objects. This can result in system with decreased efficiency.

[0005] While a CCN brings many desired features to a network, some issues remain unsolved for a producer that encrypts content based on access control groups.

SUMMARY

[0006] One embodiment provides a system that facilitates schematized access control in a content centric network. During operation, the system generates, by a content producing device, a secret key for a user based on a schema, wherein the schema is a regular expression which corresponds to one or more names and allows a user access to content associated with the names, wherein a name is a hierarchically structured variable length identifier that includes contiguous name components ordered from a most general level to a most specific level. The system receives an interest with a name that corresponds to the schema. The system encrypts a payload of a responsive content object based on the interest name. The system transmits the responsive content object with the encrypted payload to the user, which allows the user to decrypt the encrypted payload with the secret key.

[0007] In some embodiments, the system performs a setup function which outputs a master secret key and public parameters, wherein generating the secret key is further based on the master secret key, and wherein encrypting the payload is further based on the public parameters.

[0008] In some embodiments, the system transmits the secret key to the user or a client computing device of the user.

[0009] In some embodiments, the system generates the responsive content object with the encrypted payload.

[0010] In some embodiments, generating the secret key is in response to one or more of the following: adding a new user to the system; changing a permission of a current user of the system; and determining a need to change the secret key, including a need to rotate one or more secret keys of current users of the system.

[0011] In some embodiments, performing the setup function, generating the secret key, and encrypting the payload of the responsive content object are based on a functional encryption system.

[0012] In some embodiments, the system delegates the generation of the secret key and the performance of the setup function to a trusted third party that is a key managing device, wherein the key managing device: performs the setup function which outputs the master secret key and the public parameters; generates the secret key for the user based on the schema;

transmits the secret key to the user or a client computing device of the user; and transmits the public parameters to the content producing device.

[0013] One embodiment provides a system that facilitates schematized access control.

During operation, the system receives, by a client computing device, a secret key for a user based on a schema, wherein the schema is a regular expression which corresponds to one or more names and allows a user to access content associated with the names, wherein a name is a hierarchically structured variable length identifier that includes contiguous name components ordered from a most general level to a most specific level. In response to an interest with a name, the system receives from a content producing device a responsive content object with an encrypted payload. In response to determining that the interest name corresponds to the schema, the system decrypts the payload based on the secret key, thereby facilitating schematized access control in a content centric network.

[0014] In some embodiments, in response to determining that the interest name does not correspond to the schema, the system obtains an indication that the decryption is unsuccessful.

[0015] In some embodiments, determining that the interest name corresponds to the schema is based on a functional encryption system. [0016] In some embodiments, receiving the secret key is in response to transmitting a request for the secret key.

[0017] In some embodiments, the system transmits the request for the secret key to a key managing device that is a trusted third party of the content producing device, wherein the content producing device delegates generation of the secret key and performance of a setup function to the key managing device.

[0018] In some embodiments, the system receives the secret key from the key managing device.

[0019] In some embodiments, the system transmits the request for the secret key to the content producing device, and receives the secret key from the content producing device.

BRIEF DESCRIPTION OF THE FIGURES

[0020] FIG. 1 illustrates an exemplary environment which facilitates schematized access control in a content centric network, in accordance with an embodiment of the present invention.

[0021] FIG. 2A illustrates an exemplary communication which facilitates schematized access control in a content centric network, including communication between a client device and a content producer, in accordance with an embodiment of the present invention.

[0022] FIG. 2B illustrates an exemplary communication which facilitates schematized access control in a content centric network, including communication between a client device, a key manager, and a content producer, in accordance with an embodiment of the present invention.

[0023] FIG. 3 presents a flow chart illustrating a method by a client computing device for facilitating schematized access control in a content centric network, in accordance with an embodiment of the present invention.

[0024] FIG. 4 presents a flow chart illustrating a method by a client computing device for facilitating schematized access control in a content centric network, in accordance with an embodiment of the present invention.

[0025] FIG. 5 presents a flow chart illustrating a method by a key managing device for facilitating schematized access control in a content centric network, in accordance with an embodiment of the present invention.

[0026] FIG. 6 illustrates an exemplary computer system that facilitates schematized access control in a content centric network, in accordance with an embodiment of the present invention.

[0027] In the figures, like reference numerals refer to the same figure elements. DETAILED DESCRIPTION

[0028] The following description is presented to enable any person skilled in the art to make and use the embodiments, and is provided in the context of a particular application and its requirements. Various modifications to the disclosed embodiments will be readily apparent to those skilled in the art, and the general principles defined herein may be applied to other embodiments and applications without departing from the spirit and scope of the present disclosure. Thus, the present invention is not limited to the embodiments shown, but is to be accorded the widest scope consistent with the principles and features disclosed herein.

Overview

[0029] Embodiments of the present invention provide a system that allows a producer to establish schematized access control to content based only on a name for the content. The system allows the producer to forgo verifying the identity and the authority of a requesting consumer or user, which can result in a more efficient data exchange.

[0030] In a traditional hybrid encryption scheme, a producer can encrypt the payload of a content object and only distribute keys to authorized consumers. For example, the producer can generate a random symmetric nonce key "k" for a content object "C," encrypt the payload of C using k, and publish the encrypted content object C. The producer can also encrypt k under another key (so that only authorized users can perform decryption), and publish the encrypted nonce key. A consumer can request the content object C and the corresponding nonce key k, both of which are encrypted. The consumer may request or obtain additional information needed to decrypt the encrypted nonce key, based on the specific access control scheme. The consumer can then decrypt the encrypted nonce key using his private credentials (e.g., the additional information), and subsequently decrypt the encrypted payload of content object C using the decrypted nonce key. In such a hybrid encryption scheme, the producer must maintain the content object C (in both plaintext and encrypted form), the nonce key k in plaintext, and the nonce key k in encrypted form for each different access control group allowed to access the content object C. Additionally, the producer must also maintain authorization information that indicates which access control groups are permitted to access which content objects. This may lead to inefficiencies in the system.

[0031] In embodiments of the present invention, the producer need only maintain the content object C and the authorization information. The producer performs a setup function that outputs a master secret key and public parameters. The producer then performs a key generation function which generates a secret key for a specific user, based on the master secret key and a schema. A schema is a regular expression which corresponds to one or more names and allows a user access to content associated with the names. The producer can distribute the key to the appropriate user or consumer. Subsequently, that user can transmit an interest with a name that matches the schema. Upon receiving the interest, the producer can encrypt the payload of the responsive content object based on only the public parameters and the interest name (e.g., the content name). The consumer can subsequently decrypt the encrypted payload of the responsive content object based on the previously distributed (and received) secret key for that consumer. If the name of the encrypted content object corresponds to (or matches) the schema associated with the user's key, then the consumer can successfully decrypt the content object. Otherwise, decryption is unsuccessful.

[0032] Thus, embodiments of the present invention allow a producer to define access schemas based on content names, associate the schemas with users, provide secret keys for users based on the schemas, and subsequently encrypt content using only the names of the content objects, without needing to generate and maintain random nonce keys for each content object, and without needing to verify any information relating to the user or consumer. Alternatively, the system can delegate either the encryption or the key generation/distribution to a trusted third party, as described below in relation to FIG. 5. Hence, embodiments of the present invention may result in increased efficiency in a network, specifically, in the communications or exchange of data between a consumer and a producer.

[0033] In CCN, each piece of content is individually named, and each piece of data is bound to a unique name that distinguishes the data from any other piece of data, such as other versions of the same data or data from other sources. This unique name allows a network device to request the data by disseminating a request or an interest that indicates the unique name, and can obtain the data independent from the data's storage location, network location, application, and means of transportation. The following terms are used to describe the CCN architecture:

Content Object (or "content object"): A single piece of named data, which is bound to a unique name. Content Objects are "persistent," which means that a Content Object can move around within a computing device, or across different computing devices, but does not change. If any component of the Content Object changes, the entity that made the change creates a new Content Object that includes the updated content, and binds the new Content Object to a new unique name.

Unique Names: A name in a CCN is typically location independent and uniquely identifies a Content Object. A data-forwarding device can use the name or name prefix to forward a packet toward a network node that generates or stores the Content Object, regardless of a network address or physical location for the Content Object. In some embodiments, the name may be a hierarchically structured variable-length identifier (HSVLI). The HSVLI can be divided into several hierarchical components, which can be structured in various ways. For example, the individual name components pare, home, ccn, and test.txt can be structured in a left-oriented prefix-major fashion to form the name "/parc/home/ccn/test.txt." Thus, the name

"/parc/home/ccn" can be a "parent" or "prefix" of "/parc/home/ccn/test.txt." Additional components can be used to distinguish between different versions of the content item, such as a collaborative document. The HSVLI can also include contiguous name components ordered from a most general level to a most specific level.

[0034] In some embodiments, the name can include an identifier, such as a hash value that is derived from the Content Object's data (e.g., a checksum value) and/or from elements of the Content Object's name. A description of a hash-based name is described in U.S. Patent Application No. 13/847,814, which is herein incorporated by reference. A name can also be a flat label. Hereinafter, "name" is used to refer to any name for a piece of data in a name-data network, such as a hierarchical name or name prefix, a flat name, a fixed-length name, an arbitrary-length name, or a label (e.g., a Multiprotocol Label Switching (MPLS) label).

Interest (or "interest"): A packet that indicates a request for a piece of data, and includes a name (or a name prefix) for the piece of data. A data consumer can disseminate a request or Interest across an information-centric network, which CCN/NDN routers can propagate toward a storage device (e.g., a cache server) or a data producer that can provide the requested data to satisfy the request or Interest.

[0035] The methods disclosed herein are not limited to CCN networks and are applicable to other architectures as well. A description of a CCN architecture is described in U.S. Pat. App. No. 12/338,175, which is herein incorporated by reference.

Sample Algorithms for Schematized Encryption

[0036] Embodiments of the present invention use a form of functional encryption based on the below sample algorithms, described in Brent Waters, "Functional encryption for regular languages," Advances in Cryptology-CRYPTO 2012, pages 218-235, Spring 2012 (hereinafter "Waters"). Below is a set of exemplary algorithms used in such a functional cryptosystem: • Setup (1" ,∑) : Algorithm (1) Input the security parameter and an alphabet∑ limiting the set of schema regular expression symbols.

Output the public parameters ("PP") and the master secret key ("MSK")

Encrypt (PP, w, m): Algorithm (2)

Input the public parameters PP, a string w that matches or corresponds to the schema (e.g., an interest name that matches a regular expression corresponding to the schema), and a content payload m.

Output the ciphertext "CT," which is the payload m encrypted based on PP and w.

KeyGen (MSK, schema): Algorithm (3)

Input the master secret key MSK and the schema.

Output a secret key "SK" that can be used to decrypt messages encrypted for the given schema. Note that two keys for the same schema will result in two different secret keys, i.e., there is randomness in each key.

Decryption (SK, CT): Algorithm (4)

Input the secret key SK and the ciphertext CT.

Output the decrypted payload m if and only if the string w associated with CT is accepted by a deterministic finite automata ("DFA") for the schema. Else, return an error message.

Exemplary Network and Communication

[0037] FIG. 1 illustrates an exemplary environment 100 which facilitates schematized access control in a content centric network, in accordance with an embodiment of the present invention. A network 100 can include a consumer or content requesting device 116, producers or content producing devices 118 and 120, and a router or other forwarding device at nodes 102, 104, 106, 108, 110, 112, and 114. A node can be a computer system, an end-point representing users, and/or a device that can generate interests or originate content. A node can also be an edge router (e.g., CCN nodes 102, 104, 112, and 114) or a core router (e.g., intermediate CCN routers 106, 108, and 110). Network 100 can be a content centric network.

[0038] Producer or content producing device 118 can perform setup and key generation procedures based on schemas for content object names. A schema can be a regular expression which corresponds to one or more names. The schema allows a user access to content associated with the names. For example, producer 118 can distribute a key "SK" to client computing device 116 (or a user of device 116) for a schema that is the following regular expression:

"/parc/[csl|hsl|ssl]A\w+." A string, such as an interest name, that matches or corresponds to this regular expression can be: "/parc/csl/cwood/fileA." Other examples of schemas include the following regular expressions: "/parc/csl/cwood/fileA"; and "/parc/csl." Note that the above string can also match or correspond to both of these schemas.

[0039] During operation, client device 116 can generate an interest 124 with a name 124.1 of "/parc/csl/cwood/fileA." Interest 124 can travel through network 100 via nodes 102, 110, and 112, before reaching producer 118. Producer 118 can generate a responsive content object 130 (function 126), with a name 130.1 of "/parc/csl/cwood/fileA" and an unencrypted payload 130.2 of "<payload data>." Producer 118 can encrypt payload 130.2 of content object 130 based on interest name 124.1 (i.e., "/parc/csl/cwood/fileA") (function 128), and transmit content object 130 to device 116 on a reverse path (e.g., via nodes 112, 110, and 102).

[0040] Client device 116 can receive content object 130 and decrypt the encrypted payload 130.2 based on its secret key SK (function 132) to obtain the unencrypted payload 130.3 of "<payload data>." Exemplary setup, key generation, encryption, and decryption algorithms are described in detail above, and below in relation to FIGs. 2A and 2B.

[0041] Embodiments of the present invention allow a producer to directly encrypt a responsive content object based on an incoming interest name, without needing to check the identity of the requesting client or verify the authority of the requesting client. Thus, a producer in the system need only maintain the unencrypted content object and authorization information that indicates which access control groups are permitted to access the content object (by name). Unlike in a hybrid encryption scheme (as described above), the producer does not need to maintain the encrypted content object or a specific key for each access control group permitted to access the content object (in either plaintext or encrypted form). This results in a more efficient network for access to and distribution of data over a network. Exemplary Communication between a Client Device and a Producer

[0042] FIG. 2A illustrates an exemplary communication 200 which facilitates schematized access control in a content centric network, including communication between a client device 202 and a content producer 204, in accordance with an embodiment of the present invention. Communication 200 is based on the exemplary functional encryption algorithms described above.

[0043] Producer 204 can perform a Setup 210 procedure, which outputs public parameters ("PP") and a master secret key ("MSK"). For example producer 204 can run Setup ( ,∑ = {a - b, A - Z,0 - 9} ) , where the alphabet∑ limits the set of schema regular expression symbols. Producer 204 can perform a KeyGen 212 procedure, which takes as input the MSK and a "SCHEMA," and outputs a user secret key ("USK"). The SCHEMA can be a regular expression which accepts (i.e., corresponds to) one or more names, such as "/a/b/cA\w+." Client device 202 can send, and producer 204 can receive, a register/request 214 for the USK. Producer 204 can transmit USK 216 to client device 202. In some embodiments, client device 202 does not request the USK; instead, producer 204 can distribute the USK as part of a key exchange protocol during setup or initialization.

[0044] Subsequently, client device 202 can transmit an interest 218 to producer 204. Interest 218 has a name of "/a/b/c/d." Producer 204 can receive interest 218, and perform an encrypt 220 procedure, which takes as input the PP, a string (in this case the interest name of "/a/b/c/d") that corresponds to the schema, and the unencrypted payload of a responsive content object. The encrypt 220 procedure outputs the ciphertext ("CT"), which is the payload encrypted based on the PP and the interest name. Producer 204 can transmit a responsive content object 222 with a name of "/a/b/c/d" and a payload of "CT" to client device 202. Upon receiving content object 222 with the encrypted payload CT, client device 202 can perform a decrypt 224 procedure, which takes as input the USK and the CT, and outputs the unencrypted payload of the responsive content object. As described above, the decrypt 224 procedure returns a successful result (i.e., the unencrypted payload) if and only if the string associated with the CT is accepted by a deterministic finite automata ("DFA") for the schema, as described in Waters.

Exemplary Communication with Delegated Key Generation

[0045] The encryption and key generation procedures or functionalities may run in separate (disjoint) applications for security reasons. Note that the KeyGen procedure is the only procedure that requires the MSK to operation. Thus, producer 204 can delegate the storage and invocation of the KeyGen procedure to a trusted third party, such as a key managing device. For example, in a DRM system, permissions to access individual content objects (e.g., media files) may be managed by a third party (e.g., the music or content provider). A streaming service may subsequently distribute encrypted media objects to a consumer on behalf of the third party (e.g., the content provider).

[0046] FIG. 2B illustrates an exemplary communication 250 which facilitates schematized access control in a content centric network, including communication between client device 202, a key manager 206, and content producer 204, in accordance with an embodiment of the present invention. Key manager 206 can perform a Setup 260 procedure, which outputs public parameters ("PP") and a master secret key ("MSK"). Key manager 206 can perform a KeyGen 262 procedure, which takes as input the MSK and a "SCHEMA," and outputs a user secret key ("USK"). Client device 202 can send, and key manager 206 can receive, a register/request 264 for the USK. Key manager 206 can transmit USK 266 to client device 202. In some embodiments, client device 202 does not request the USK; instead, key manager 206 can distribute the USK as part of a key exchange protocol during setup or initialization. In addition, key manager 206 can transmit PP 263 to producer 204.

[0047] The remaining communications (e.g., 218 and 222) and procedures (e.g., 220 and 224) shown in FIG. 2B are similar to the corresponding communications shown in FIG. 2A. That is, client device 202 transmits interest 218 to content producer 204, and content producer 204 encrypts a responsive content object 222 based on the interest name and the PP (received in PP 263). Content producer 204 transmits content object 222 with the encrypted payload to client device 202. Client device 202 decrypts the encrypted payload based on its USK (received in USK 266) to obtain the unencrypted payload of the responsive content object. Content Producing Device Facilitates Schematized Access Control

[0048] FIG. 3 presents a flow chart 300 illustrating a method by a client computing device for facilitating schematized access control in a content centric network, in accordance with an embodiment of the present invention. During operation, the system performs, by a content producing device, a setup function which outputs public parameters and a master secret key (operation 302). The system performs a key generation function which takes as input the master secret key and a schema, and outputs a secret key for a user based on a schema (operation 304). A schema is a regular expression which corresponds to one or more names and allows a user access to content associated with the names, and a name is an HSVLI. The system transmits the secret key to the user or a client computing device of the user (operation 306). Subsequently, the system receives from the user an interest with a name that corresponds to the schema

(operation 308). The system generates a responsive content object (operation 310) and encrypts a payload of the responsive content object based on the public parameters and the interest name (operation 312). The system transmits the responsive content object with the encrypted payload to the user (operation 314).

Client Computing Device Facilitates Schematized Access Control

[0049] FIG. 4 presents a flow chart 400 illustrating a method by a client computing device for facilitating schematized access control in a content centric network, in accordance with an embodiment of the present invention. During operation, the system transmits, by a client computing device, a request for a secret key for a user associated with the client computing device, where the secret key is based on a schema (operation 402). A schema is a regular expression which corresponds to one or more names and allows a user access to content associated with the names, and a name is an HSVLI. The system receives the secret key from a content producing device or from a key managing device (operation 404). In some

embodiments, the system does not transmit a request for the secret key. Instead, the content producing device or the key managing device distributes the secret key as part of a key exchange protocol.

[0050] Subsequently, the system generates an interest with a name (operation 406). In response to the interest, the system receives from a content producing device a responsive content object with an encrypted payload (operation 408). The system determines whether the interest name corresponds to the schema (decision 410). If it does not, the system cannot decrypt the encrypted payload. The system can obtain an indication of an unsuccessful decryption, such as a "cannot decrypt" or other similar error message (operation 412). If the interest name does correspond to the schema, the system successfully decrypts the encrypted payload based on the secret key (operation 414).

Key Managing Device Facilitates Schematized Access Control

[0051] FIG. 5 presents a flow chart 500 illustrating a method by a key managing device for facilitating schematized access control in a content centric network, in accordance with an embodiment of the present invention. During operation, the system receives, by a key managing device, a delegation of authority as a trusted third party entity from a content producing device (operation 501). The system performs a setup function which outputs public parameters and a master secret key (operation 502). The system performs a key generation function which takes as input the master secret key and a schema, and outputs a secret key for a user based on a schema (operation 504). A schema is a regular expression which corresponds to one or more names and allows a user access to content associated with the names, where a name is an HSVLI. The system transmits the secret key to the user or a client computing device of the user (operation 506). The system also transmits the public parameters to the content producing device (operation 508).

Exemplary Computer System

[0052] FIG. 6 illustrates an exemplary computer system 600 that facilitates routable prefix queries in a content centric network, in accordance with an embodiment of the present invention. Computer system 602 includes a processor 604, a memory 606, and a storage device 608. Memory 606 can include a volatile memory (e.g., RAM) that serves as a managed memory, and can be used to store one or more memory pools. Furthermore, computer system 602 can be coupled to a display device 610, a keyboard 612, and a pointing device 614. Storage device 608 can store an operating system 616, a content-processing system 618, and data 632.

[0053] Content-processing system 618 can include instructions, which when executed by computer system 602, can cause computer system 602 to perform methods and/or processes described in this disclosure. Specifically, content-processing system 618 may include instructions for sending and/or receiving data packets to/from other network nodes across a computer network, such as a content centric network (communication module 620). A data packet can include a key or public parameters. A data packet can also include an interest packet or a content object packet with a name which is an HSVLI that includes contiguous name components ordered from a most general level to a most specific level.

[0054] Further, content-processing system 618 can include instructions for generating, by a content producing device, a secret key for a user based on a schema and a master secret key (key -generating module 622). Content-processing system 618 can include instructions for receiving an interest with a name that corresponds to the schema (communication module 620), encrypting a payload of a responsive content object based on the interest name and public parameters (encrypting module 626), and transmitting the responsive content object with the encrypted payload to the user (communication module 620). Content-processing system 618 can also include instructions for performing a setup function which outputs the master secret key and the public parameters (setup module 624) ,

[0055] Content-processing system 618 can further include instructions for transmitting the secret key to the user or a client computing device of the user (communication module 620). Content-processing system 618 can include instructions for generating the secret key in response to one or more of the following: adding a new user to the system; changing a permission of a current user of the system; and determining a need to change the secret key, including a need to rotate one or more secret keys of current users of the system (key -generating module 622).

Content-processing system 618 can also include instructions for delegating the generation of the secret key and the performance of the setup function to a trusted third party that is a key managing device (function delegating module 628).

[0056] Content-processing system 618 can additionally include instructions for receiving, by a client computing device, a secret key for a user based on a schema (communication module 620). Content-processing system 618 can include instructions for, in response to an interest with a name, receiving from a content producing device a responsive content object with an encrypted payload (communication module 620). Content-processing system 618 can include instructions for, in response to determining that the interest name corresponds to the schema, decrypting the payload based on the secret key (decrypting module 630).

[0057] Content-processing system 618 can also include instructions for, in response to determining that the interest name does not correspond to the schema, obtaining an indication that the decryption is unsuccessful (decrypting module 630). Content-processing system 618 can include instructions for receiving the secret key in response to transmitting a request for the secret key (communication module 620).

[0058] Content-processing system 618 can further include instructions for transmitting the request for the secret key to a key managing device that is a trusted third party of the content producing device, wherein the content producing device delegates generation of the secret key and performance of a setup function to the key managing device (communication module 620). Content-processing system 618 can include instructions for receiving the secret key from the key managing device (communication module 620). Content-processing system 618 can also include instructions for transmitting the request for the secret key to the content producing device, and receiving the secret key from the content producing device (communication module 620).

[0059] Data 632 can include any data that is required as input or that is generated as output by the methods and/or processes described in this disclosure. Specifically, data 632 can store at least: an interest; a content object; a name for an interest or a content obj ect; a name that is an HSVLI; a key; a schema that is a regular expression which corresponds to one or more names and allows a user access to content associated with the names; a payload of a content object; an encrypted payload; a master secret key; public parameters; information related to a user of a system or device; functions for setup, key generation, encryption, and decryption; functions that are based on a functional encryption system; and an indication of a delegation of authority to a trusted third party for a function.

[0060] The data structures and code described in this detailed description are typically stored on a computer-readable storage medium, which may be any device or medium that can store code and/or data for use by a computer system. The computer-readable storage medium includes, but is not limited to, volatile memory, non-volatile memory, magnetic and optical storage devices such as disk drives, magnetic tape, CDs (compact discs), DVDs (digital versatile discs or digital video discs), or other media capable of storing computer-readable media now known or later developed. [0061] The methods and processes described in the detailed description section can be embodied as code and/or data, which can be stored in a computer-readable storage medium as described above. When a computer system reads and executes the code and/or data stored on the computer-readable storage medium, the computer system performs the methods and processes embodied as data structures and code and stored within the computer-readable storage medium.

[0062] Furthermore, the methods and processes described above can be included in hardware modules. For example, the hardware modules can include, but are not limited to, application-specific integrated circuit (ASIC) chips, field-programmable gate arrays (FPGAs), and other programmable-logic devices now known or later developed. When the hardware modules are activated, the hardware modules perform the methods and processes included within the hardware modules.

[0063] The foregoing descriptions of embodiments of the present invention have been presented for purposes of illustration and description only. They are not intended to be exhaustive or to limit the present invention to the forms disclosed. Accordingly, many modifications and variations will be apparent to practitioners skilled in the art. Additionally, the above disclosure is not intended to limit the present invention. The scope of the present invention is defined by the appended claims.