Internet indirection infrastructure
Proceedings of the 2002 conference on Applications, technologies, architectures, and protocols for computer communications
End-host controlled multicast routing
Computer Networks: The International Journal of Computer and Telecommunications Networking - Overlay distribution structures and their applications
End-host controlled multicast routing
Computer Networks: The International Journal of Computer and Telecommunications Networking - Overlay distribution structures and their applications
| Hi-index | 0.00 |
Designing a flexible, yet secure communication infrastructure has long been an elusive goal. Most of the proposals that seek to address the problem of flexibility have opened up the system for new forms of attacks. In this paper, we consider one particular proposal, i3 [2], a flexible indirection infrastructure that provides natural support for a multitude of communication primitives such as multicast, anycast and mobility. We systematically identify the attacks on i3, and propose techniques that address the security problems without sacrificing the flexibility that i3 offers. Our techniques, ranging from cryptographically constraining the forwarding entries to challenge-based mechanisms for inserting forwarding entries, while being simple, both conceptually and to implement, make most of the attacks provably hard. We believe that this paper represents an important step towards designing communication infrastructures that are both secure and flexible.