Title :
Public-key infrastructure for the Secure Border Gateway Protocol (S-BGP)
Author :
Seo, Karen ; Lynn, Charles ; Kent, Stephen
Abstract :
The Border Gateway Protocol (BGP) which is used to distribute routing information between autonomous systems (ASes), is a critical component of the Internet´s routing infrastructure. BGP is highly vulnerable to a variety of malicious attacks, due to its lack of secure means of verifying the authenticity and authority of BGP control traffic. Secure BGP (S-BGP) addresses most of these security vulnerabilities by using a combination of IPsec, a new BGP path attribute containing “attestations,” and a public key infrastructure (PKI). This paper describes in detail this PKI and how it is used to support S-BGP, e.g., for verifying ownership of AS numbers and portions of the IP address space. This PKI embodies a number of unique features designed to support S-BGP security requirements and to facilitate automated access control management for the certificate and CRL repository used with S-BGP
Keywords :
Internet; authorisation; protocols; public key cryptography; telecommunication network routing; telecommunication security; IP address space; IPsec; Internet; S-BGP; Secure Border Gateway Protocol; access control management; autonomous systems; malicious attacks; network routing; public key infrastructure; public-key infrastructure; security vulnerabilities; Access control; Access protocols; Information security; Prototypes; Public key; Radio access networks; Routing protocols; Web and internet services;
Conference_Titel :
DARPA Information Survivability Conference & Exposition II, 2001. DISCEX '01. Proceedings
Conference_Location :
Anaheim, CA
Print_ISBN :
0-7695-1212-7
DOI :
10.1109/DISCEX.2001.932219
