The effects of asymmetry on TCP performance
MobiCom '97 Proceedings of the 3rd annual ACM/IEEE international conference on Mobile computing and networking
The end-to-end effects of Internet path selection
Proceedings of the conference on Applications, technologies, architectures, and protocols for computer communication
Trajectory sampling for direct traffic observation
Proceedings of the conference on Applications, Technologies, Architectures, and Protocols for Computer Communication
Delayed Internet routing convergence
IEEE/ACM Transactions on Networking (TON)
SOSP '01 Proceedings of the eighteenth ACM symposium on Operating systems principles
IEEE/ACM Transactions on Networking (TON)
Understanding BGP misconfiguration
Proceedings of the 2002 conference on Applications, technologies, architectures, and protocols for computer communications
Internet indirection infrastructure
Proceedings of the 2002 conference on Applications, technologies, architectures, and protocols for computer communications
Measuring ISP topologies with rocketfuel
Proceedings of the 2002 conference on Applications, technologies, architectures, and protocols for computer communications
Tussle in cyberspace: defining tomorrow's internet
Proceedings of the 2002 conference on Applications, technologies, architectures, and protocols for computer communications
King: estimating latency between arbitrary internet end hosts
Proceedings of the 2nd ACM SIGCOMM Workshop on Internet measurment
A Block-Cipher Mode of Operation for Parallelizable Message Authentication
EUROCRYPT '02 Proceedings of the International Conference on the Theory and Applications of Cryptographic Techniques: Advances in Cryptology
A routing underlay for overlay networks
Proceedings of the 2003 conference on Applications, technologies, architectures, and protocols for computer communications
On selfish routing in internet-like environments
Proceedings of the 2003 conference on Applications, technologies, architectures, and protocols for computer communications
Pseudorandom functions revisited: the cascade construction and its concrete security
FOCS '96 Proceedings of the 37th Annual Symposium on Foundations of Computer Science
BANANAS: an evolutionary framework for explicit and multipath routing in the internet
FDNA '03 Proceedings of the ACM SIGCOMM workshop on Future directions in network architecture
NIRA: a new Internet routing architecture
FDNA '03 Proceedings of the ACM SIGCOMM workshop on Future directions in network architecture
User-level internet path diagnosis
SOSP '03 Proceedings of the nineteenth ACM symposium on Operating systems principles
A brief history of NTP time: memoirs of an Internet timekeeper
ACM SIGCOMM Computer Communication Review
Guidelines for interdomain traffic engineering
ACM SIGCOMM Computer Communication Review
A system for authenticated policy-compliant routing
Proceedings of the 2004 conference on Applications, technologies, architectures, and protocols for computer communications
A DoS-limiting network architecture
Proceedings of the 2005 conference on Applications, technologies, architectures, and protocols for computer communications
Block-Level Security for Network-Attached Disks
FAST '03 Proceedings of the 2nd USENIX Conference on File and Storage Technologies
Improving the reliability of internet paths with one-hop source routing
OSDI'04 Proceedings of the 6th conference on Symposium on Opearting Systems Design & Implementation - Volume 6
Mayday: distributed filtering for internet services
USITS'03 Proceedings of the 4th conference on USENIX Symposium on Internet Technologies and Systems - Volume 4
SANE: a protection architecture for enterprise networks
USENIX-SS'06 Proceedings of the 15th conference on USENIX Security Symposium - Volume 15
Cloud control with distributed rate limiting
Proceedings of the 2007 conference on Applications, technologies, architectures, and protocols for computer communications
BGP routing policies in ISP networks
IEEE Network: The Magazine of Global Internetworking
| Hi-index | 0.00 |
In today's Internet, inter-domain route control remains elusive; nevertheless, such control could improve the performance, reliability, and utility of the network for end users and ISPs alike. While researchers have proposed a number of source routing techniques to combat this limitation, there has thus far been no way for independent ASes to ensure that such traffic does not circumvent local traffic policies, nor to accurately determine the correct party to charge for forwarding the traffic. We present Platypus, an authenticated source routing system built around the concept of network capabilities, which allow for accountable, fine-grained path selection by cryptographically attesting to policy compliance at each hop along a source route. Capabilities can be composed to construct routes through multiple ASes and can be delegated to third parties. Platypus caters to the needs of both end users and ISPs: users gain the ability to pool their resources and select routes other than the default, while ISPs maintain control over where, when, and whose packets traverse their networks. We describe the design and implementation of an extensive Platypus policy framework that can be used to address several issues in wide-area routing at both the edge and the core, and evaluate its performance and security. Our results show that incremental deployment of Platypus can achieve immediate gains.