Table of Contents
BGP Countermeasures
(Secure-BGP)
Outline
Overview
The Problem
Correct Operation of
BGP
Correct Operation of
BGP (nice, but ...)
Goals of these
Countermeasures
Attack Model
Implications of
Successful Attacks
Design Overview
IPsec
PKI: Address
Allocation Certificates
Address Allocation
PKI Example
Address Certificates
AS and Router
Certificates
Attestations --
Overview
Address Attestation
Route Attestation
Encoding of
Attestations
Validating a Route
Distribution,
Replacement, Revocation
Performance Issues
-- Resources
Performance --
Certificates
Performance --
Attest.’s (worst case)
Optimizations
Optimizations
(continued)
Other Performance
Savings
Deployment Scenario
Auxiliary BGP box
Auxiliary BGP box
(continued)
Deployment
Assumptions
Secure-BGP Peering
Example
Residual
Vulnerabilities
Comparison with
Other Approaches
Comparison w/Other
Approaches(cont.)
Next Steps
|