NDSS’99
Network and Distributed Systems Security Symposium
Securing the Internet’s Exterior Routing Infrastructure
Secure Border Gateway Protocol (S-BGP)
2/4/99
Table of Contents
Secure Border Gateway Protocol (S-BGP)
Constraints and Goals
Correct Operation of BGP
Correct Operation of BGP (nice, but ...)
Design Overview
IP Address Allocation Example
IP Address Allocation PKI Example
Address Certificates
AS # Allocation and Router Example
AS # Allocation and Router PKI Example
AS and Router Certificates
Attestations -- Overview
Address Attestation
Route Attestation
Encoding of Attestations
Detail of Attestation Path Attribute
Propagation of an S-BGP UPDATE
Validating a Route
S- BGP Path Aggregation Example
Performance Issues -- Resources
Performance -- Certificates
Performance -- Attest.’s (worst case)
Optimizations
Optimizations (continued)
Other Performance Savings
Proof of Concept
Benefits of S-BGP
Questions?
Author: Dr. Charles Lynn
Email: CLynn@BBN.Com
Download presentation source