Proceedings of the Seventh COnference on Emerging Networking EXperiments and Technologies 2011
DOI: 10.1145/2079296.2079326
|View full text |Cite
|
Sign up to set email alerts
|

Verifying and enforcing network paths with icing

Abstract: We describe a new networking primitive, called a Path Verification Mechanism (PVM). There has been much recent work about how senders and receivers express policies about the paths that their packets take. For instance, a company might want fine-grained control over which providers carry which traffic between its branch offices, or a receiver may want traffic sent to it to travel through an intrusion detection service.While the ability to express policies has been well-studied, the ability to enforce policies … Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
3
1
1

Citation Types

0
99
0

Year Published

2013
2013
2024
2024

Publication Types

Select...
5
1

Relationship

1
5

Authors

Journals

citations
Cited by 114 publications
(100 citation statements)
references
References 53 publications
0
99
0
Order By: Relevance
“…However, each packet still has an AIP-style source identifier that fulfills the above roles. Also, in ICING [28] and capability-based architectures such as TVA [36], packets carry pre-approved router-level paths, but they also carry traditional source and destination addresses.…”
Section: Source Address Overloadmentioning
confidence: 99%
“…However, each packet still has an AIP-style source identifier that fulfills the above roles. Also, in ICING [28] and capability-based architectures such as TVA [36], packets carry pre-approved router-level paths, but they also carry traditional source and destination addresses.…”
Section: Source Address Overloadmentioning
confidence: 99%
“…Ultra-reliable Interdomain service: This is primarily focused on the Nebula Data Plane (NDP) and several alternatives we have created [29,31] implementation. It is the primary locus for policy issues such as security, privacy, fault-tolerance, and more complex and specialized policies.…”
Section: Nebula Future Internet Architecture Integrationmentioning
confidence: 99%
“…First, the control plane must query policy servers for an ICING-based NDP [31], and the query model of declarative networking must be supported to create policy-compliant routes for the NEBULA control plane. ICING [31] is one alternative for NDP, and ICING enforces policy by having ISPs check the work of other ISPs, while TorIP [29] enforces policy by preventing ISPs from gathering the information needed to do effective policy discrimination.…”
Section: Nebula Future Internet Architecture Integrationmentioning
confidence: 99%
See 2 more Smart Citations