DocumentCode :
1088506
Title :
Securing User-Controlled Routing Infrastructures
Author :
Lakshminarayanan, Karthik ; Adkins, Daniel ; Perrig, Adrian ; Stoica, Ion
Author_Institution :
Dept. of Electr. Eng. & Comput. Sci., California Univ., Berkeley, CA
Volume :
16
Issue :
3
fYear :
2008
fDate :
6/1/2008 12:00:00 AM
Firstpage :
549
Lastpage :
561
Abstract :
Designing infrastructures that give untrusted third parties (such as end-hosts) control over routing is a promising research direction for achieving flexible and efficient communication. However, serious concerns remain over the deployment of such infrastructures, particularly the new security vulnerabilities they introduce. The flexible control plane of these infrastructures can be exploited to launch many types of powerful attacks with little effort. In this paper, we make several contributions towards studying security issues in forwarding infrastructures (FIs). We present a general model for an FI, analyze potential security vulnerabilities, and present techniques to address these vulnerabilities. The main technique that we introduce in this paper is the use of simple lightweight cryptographic constraints on forwarding entries. We show that it is possible to prevent a large class of attacks on end-hosts and bound the flooding attacks that can be launched on the infrastructure nodes to a small constant value. Our mechanisms are general and apply to a variety of earlier proposals such as , DataRouter, and Network Pointers.
Keywords :
IP networks; cryptography; telecommunication network routing; telecommunication security; DataRouter; Network Pointers; flexible control plane; flooding attacks; forwarding infrastructures; iZ; lightweight cryptographic constraints; security vulnerabilities; user-controlled routing; Internet architecture; overlay networks; security;
fLanguage :
English
Journal_Title :
Networking, IEEE/ACM Transactions on
Publisher :
ieee
ISSN :
1063-6692
Type :
jour
DOI :
10.1109/TNET.2007.903980
Filename :
4460527
Link To Document :
بازگشت