Title :
Design and analysis of the Secure Border Gateway Protocol (S-BGP)
Author :
Kent, Stephen ; Lynn, Charles ; Seo, Karen
Author_Institution :
BBN Technol., Cambridge, MA, USA
fDate :
6/22/1905 12:00:00 AM
Abstract :
The Border Gateway Protocol (BGP), which is used to distribute routing information between autonomous systems (ASes), is a critical component of the Internet´s routing infrastructure. It is highly vulnerable to a variety of malicious attacks, due to the lack of a secure means of verifying the authenticity and legitimacy of BGP control traffic. This paper describes a secure, scalable, deployable architecture, S-BGP, for a system that addresses most of the security problems associated with BGP. The paper discusses the vulnerabilities and security requirements associated with BGP, describes the S-BGP countermeasures, and explains how they address these vulnerabilities and requirements. The paper also provides a comparison of this architecture with other approaches that have been proposed, analyzes the performance implications of the proposed countermeasures, and reports on prototype implementation experience
Keywords :
Internet; message authentication; protocols; security of data; Internet´s routing infrastructure; authenticity; autonomous systems; deployable architecture; routing information; secure border gateway protocol; security requirements; Databases; Failure analysis; Local area networks; Performance analysis; Prototypes; Routing protocols; Security; Spine; Traffic control; Web and internet services;
Conference_Titel :
DARPA Information Survivability Conference and Exposition, 2000. DISCEX '00. Proceedings
Conference_Location :
Hilton Head, SC
Print_ISBN :
0-7695-0490-6
DOI :
10.1109/DISCEX.2000.824939
