• DocumentCode
    1994797
  • Title

    Source Address Validation: Architecture and Protocol Design

  • Author

    Wu, Jianping ; Ren, Gang ; Li, Xing

  • Author_Institution
    Tsinghua Univ., Beijing
  • fYear
    2007
  • fDate
    16-19 Oct. 2007
  • Firstpage
    276
  • Lastpage
    283
  • Abstract
    The current Internet addressing architecture does not verify the source address of a packet received and forwarded. This causes serious security and accounting problems. Based on the drastically increased IPv6 address space, a "source address validation architecture" (SAVA) is proposed in this paper, which can guarantee that every packet received and forwarded holds an authenticated source IP address. The design goals of the architecture are lightweight, loose coupling, "multi-fence support" and incremental deployment. This paper discusses the details of design and implementation for the architecture, including inter-AS, intra-AS and local subnet. This architecture is deployed into the CNGI-CERNET2 infrastructure -a large-scale native IPv6 backbone network of the China Next Generation Internet project. We believe that the source address validation architecture will help the transition to a new, more secure and sustainable Internet.
  • Keywords
    IP networks; Internet; message authentication; telecommunication network routing; telecommunication security; transport protocols; IPv6 backbone network; Internet addressing architecture; authenticated source IP address; protocol design; source address validation architecture; Authentication; Computer architecture; Computer science; Cryptography; Design engineering; Internet; Large-scale systems; Optical coupling; Protocols; Spine; Authenticated Source IP Address; Source Address Validation Architecture;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Network Protocols, 2007. ICNP 2007. IEEE International Conference on
  • Conference_Location
    Beijing
  • Print_ISBN
    978-1-4244-1588-5
  • Electronic_ISBN
    978-1-4244-1588-5
  • Type

    conf

  • DOI
    10.1109/ICNP.2007.4375858
  • Filename
    4375858