Design and analysis of the Secure Border Gateway Protocol (S-BGP)

Author

Kent, Stephen ; Lynn, Charles ; Seo, Karen

Author_Institution

BBN Technol., Cambridge, MA, USA

Volume

1

fYear

2000

fDate

6/22/1905 12:00:00 AM

Firstpage

18

Abstract

The Border Gateway Protocol (BGP), which is used to distribute routing information between autonomous systems (ASes), is a critical component of the Internet´s routing infrastructure. It is highly vulnerable to a variety of malicious attacks, due to the lack of a secure means of verifying the authenticity and legitimacy of BGP control traffic. This paper describes a secure, scalable, deployable architecture, S-BGP, for a system that addresses most of the security problems associated with BGP. The paper discusses the vulnerabilities and security requirements associated with BGP, describes the S-BGP countermeasures, and explains how they address these vulnerabilities and requirements. The paper also provides a comparison of this architecture with other approaches that have been proposed, analyzes the performance implications of the proposed countermeasures, and reports on prototype implementation experience

Keywords

Internet; message authentication; protocols; security of data; Internet´s routing infrastructure; authenticity; autonomous systems; deployable architecture; routing information; secure border gateway protocol; security requirements; Databases; Failure analysis; Local area networks; Performance analysis; Prototypes; Routing protocols; Security; Spine; Traffic control; Web and internet services;

fLanguage

English

Publisher

ieee

Conference_Titel

DARPA Information Survivability Conference and Exposition, 2000. DISCEX '00. Proceedings

Conference_Location

Hilton Head, SC

Print_ISBN

0-7695-0490-6

Type

conf

DOI

10.1109/DISCEX.2000.824939

Filename

824939