Secure Border Gateway Protocol (S-BGP)

  • Authors:
  • S. Kent;C. Lynn;K. Seo

  • Affiliations:
  • BBN Technol., Cambridge, MA;-;-

  • Venue:
  • IEEE Journal on Selected Areas in Communications
  • Year:
  • 2006

Quantified Score

Hi-index 0.07

Visualization

Abstract

The Border Gateway Protocol (BGP), which is used to distribute routing information between autonomous systems (ASes), is a critical component of the Internet's routing infrastructure. It is highly vulnerable to a variety of malicious attacks, due to the lack of a secure means of verifying the authenticity and legitimacy of BGP control traffic. This paper describes a secure, scalable, deployable architecture (S-BGP) for an authorization and authentication system that addresses most of the security problems associated with BGP. The paper discusses the vulnerabilities and security requirements associated with BGP, describes the S-BGP countermeasures, and explains how they address these vulnerabilities and requirements. In addition, this paper provides a comparison of this architecture to other approaches that have been proposed, analyzes the performance implications of the proposed countermeasures, and addresses operational issues