Proceedings DARPA Information Survivability Conference and Exposition. DISCEX'00
DOI: 10.1109/discex.2000.824939
|View full text |Cite
|
Sign up to set email alerts
|

Design and analysis of the Secure Border Gateway Protocol (S-BGP)

Abstract: The Border Gateway Protocol (BGP), which is used to distribute routing information between autonomous systems (ASes), is a critical component of the Internet's routing infrastructure. It is highly vulnerable to a variety of malicious attacks, due to the lack of a secure means of verifying the authenticity and legitimacy of BGP control traffic. This document describes a secure, scalable, deployable architecture, S-BGP, for a system that addresses most of the security problems associated with BGP. The paper disc… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
2
1
1

Citation Types

0
8
0

Publication Types

Select...
2
2
1

Relationship

0
5

Authors

Journals

citations
Cited by 6 publications
(8 citation statements)
references
References 23 publications
0
8
0
Order By: Relevance
“…These proposals have not been adopted due to the changes required to routers and the expensive infrastructure requirements that would thereby be imposed. The most recent proposal for creating the requisite infrastructure is described in [1], an approach based on a new, digitally signed object, the Route Origination Authorization (ROA), together with a PKI to validate, manage and process such objects. Relying party software for use with this "Resource" PKI (RPKI) was first implemented by BBN in 2007, and is described in [12].…”
Section: Introductionmentioning
confidence: 99%
See 1 more Smart Citation
“…These proposals have not been adopted due to the changes required to routers and the expensive infrastructure requirements that would thereby be imposed. The most recent proposal for creating the requisite infrastructure is described in [1], an approach based on a new, digitally signed object, the Route Origination Authorization (ROA), together with a PKI to validate, manage and process such objects. Relying party software for use with this "Resource" PKI (RPKI) was first implemented by BBN in 2007, and is described in [12].…”
Section: Introductionmentioning
confidence: 99%
“…
A PKI in support of secure Internet routing was first proposed in [1] and refined in later papers, e.g., [2]. In this "Resource" PKI (RPKI) the resources managed are IP address allocations and Autonomous System number (AS #) assignments.
…”
mentioning
confidence: 99%
“…One of these proposals is S-BGP ( [11]), which adds multiple layers of security to the current BGP specifications. S-BGP allows a BGP router to validate the authenticity and integrity of each path received from a peer.…”
Section: Related Workmentioning
confidence: 99%
“…For example S-BGP ( [11]), soBGP ( [10]), and IRV ( [8]) are BGP extensions aimed at authenticating prefix origins and updates. However, most of the proposed solutions imply a heavier load on the CPU and memory of routers in order to perform cryptographic operations.…”
Section: Introductionmentioning
confidence: 99%
“…There are a plethora of proposed countermeasures [8]- [11] addressing inter-domain routing security problems. However, these mechanisms are limited by their further deployment since they need to change the routing protocol.…”
Section: This Raises the Question Whether An As Can Trust The Route Ementioning
confidence: 99%