Read more
Inter-domain routing security is a big actor in end-to-end network connectivity. The protocol currently implemented was not designed to cover such a critical aspect, and so many vulnerabilities crop up, having a strong impact on the whole system. Despite much effort in the past focusing in addressing security issues, no solutions have become a reality, hence novel solutions must be sought to reduce the vulnerabilities space. The Border Gateway Protocol (BGP) is a critical component of the Internet's infrastructure used as the de facto inter-domain routing protocol among autonomous systems. It was conceived without an internal security mechanism and hence is prone to a number of vulnerabilities and attacks, which have resulted in partial paralysis of the Internet. Thus, securing BGP has been an active research area for almost a decade now. Several strategies, ranging from complete replacement of BGP to addition of new features in it, were proposed for the purpose of security but none of them were pragmatic enough to be adopted. Recently, the Secure Inter-Domain Routing (SIDR) working group of the IETF has put forward a set of recommendations which seem promising to some extent. This book introduces the reader to the main concepts in inter-domain security, reviewing the most significant contributions and also introducing the current efforts being developed by the scientific community to deal with the overall weaknesses and limitations that still exist.
List of contents
Section I: The Big Picture
* Chapter 1: Introduction
* Chapter 2: Pre-Requisites
* Chapter 3: BGP-4 Protocol
* Chapter 4: BGP Threat Model
* Chapter 5: Attacks on BGP
Section II: Securing BGP
* Chapter 6: Secure BGP (S-BGP), Secure Origin BGP (SO-BGP) and Pretty Secure BGP (PS-BGP)
* Chapter 7: Inter-domain Route Validation (IRV)
* Chapter 8: Secure Path Vector (SPV)
* Chapter 9: Listen and Whisper
Subsection II B: Ongoing Efforts
* Chapter 10: Resource Public Key Infrastructure (RPKI)
* Chapter 11: Route Origination Authorization (ROA)
* Chapter 12: BGPSEC Protocol
* Chapter 13: Analysis of SIDR WG Proposals
Section III: Future Way Forward
* Chapter 14: BGP Security Management using Overlay Networks
About the author
Xavier Masip-Bruin, Ph.D in telecommunications engineering from UPC, is currently an associate professor of Computer Science and Communications at the Technical University of Catalunya (UPC), Vilanova I la Geltrú, Barcelona, Spain.
Marcelo Yannuzzi is full Department of Computer Architecture, Technical University of Catalonia, Vilanova I la Geltrú, Barcelona, Spain.
Muhammad Shuaib Siddiqui is a PhD candidate at the Advanced Network Architectures Lab, Universitat Politecnica de Catalunya, Vilanova I la Geltrú, Barcelona, Spain.
Summary
A vital part of maintaining Internet security, Border Gateway Protocol struggles with its own security hiccups and vulnerability to attack. This book addresses the issues of inter-domain security and analyzes the research developments that work to improve the current BGP system.
