Secure Interdomain Routing Registry

The current Internet has no secure way to validate the correctness of routing information. We propose a mechanism that supports secure validation of routing information in the interdomain routing protocol of the Internet. Our mechanism focuses on alleviating obstacles which previously prevent the co...

Full description

Saved in:
Bibliographic Details
Published in:IEEE transactions on information forensics and security 2008-06, Vol.3 (2), p.304-316
Main Authors: E-yong Kim, Li Xiao, Nahrstedt, K., Kunsoo Park
Format: Article
Language:English
Subjects:
Acceptability
Authorized search
border gateway protocol (BGP)
Computer information security
Computer science
Construction
Forensic engineering
Information filtering
Information filters
Information security
interdomain routing
Internet
Law
Legal factors
Obstacles
provably secure registry
Queries
Routing protocols
Searching
Testing
verifiable search
Citations: Items that this one cites
Items that cite this one
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:The current Internet has no secure way to validate the correctness of routing information. We propose a mechanism that supports secure validation of routing information in the interdomain routing protocol of the Internet. Our mechanism focuses on alleviating obstacles which previously prevent the complete and correct construction of the Internet routing information. In particular, we present a registry with authorized and verifiable search (RAVS) by which routing information can be constructed securely. We give an efficient RAVS scheme and prove its securities in the random oracle model. By our scheme, the routing information can be securely stored and tested without revealing contents of registry entries and search queries. Only legal autonomous systems (ASes) can construct valid registry entries and a single compromised AS can be detected. Our experiment shows that our RAVS scheme can be implemented efficiently and the incurred overhead, in terms of time and space, is acceptable in practice.
ISSN:1556-6013
1556-6021
DOI:10.1109/TIFS.2008.922050