Building a distributed authenticating CDN

Abstract

In recent times, much has been made of the security, or lack thereof, utilised within Facebook's content distribution network (CDN). Their CDN is noted to enable public access to any resource via a GET request presuming the user knows the URL for the resource. This means that not only can users directly access material that they would otherwise not have access to but it also means that material that has been considered “deleted” may still be accessible. noncdn is a content distribution network designed to provide light-weight authenticated access to content stored at edge nodes with easily replicated authentication access through time limited authentication tokens. noncdn provides “volumes” as a container for handling access control and authentication nodes for generation and validation of authentication tokens. As tokens identify individuals, accesses can be logged and tracked to provide extra auditing functionality.