A survey on the recent efforts of the Internet standardization body for securing inter-domain routing

The Border Gateway Protocol (BGP) is the de facto inter-domain routing protocol in the Internet, thus it plays a crucial role in current communications. Unfortunately, it was conceived without any internal security mechanism, and hence is prone to a number of vulnerabilities and attacks that can res...

Descripción completa

Detalles Bibliográficos
Autores: Siddiqui, Muhammad Shuaib, Montero Banegas, Diego Teodoro, Serral Gracià, René|||0000-0003-2112-0952, Masip Bruin, Xavier|||0000-0002-4755-556X, Yannuzzi, Marcelo
Tipo de recurso: artículo
Fecha de publicación:2015
País:España
Institución:Universitat Politècnica de Catalunya (UPC)
Repositorio:UPCommons. Portal del coneixement obert de la UPC
Idioma:inglés
OAI Identifier:oai:upcommons.upc.edu:2117/28301
Acceso en línea:https://hdl.handle.net/2117/28301
https://dx.doi.org/10.1016/j.comnet.2015.01.017
Access Level:acceso abierto
Palabra clave:Routing protocols (Computer network protocols)
Internet -- Security measures
BGP
Security
BGPSEC
Routing
Internet
Inter-domain
Improving BGP convergence
Autonomous systems
Attacks
Announcements
Performance
Issues
Impact
Internet -- Mesures de seguretat
Àrees temàtiques de la UPC::Enginyeria de la telecomunicació::Telemàtica i xarxes d'ordinadors::Internet
Descripción
Sumario:The Border Gateway Protocol (BGP) is the de facto inter-domain routing protocol in the Internet, thus it plays a crucial role in current communications. Unfortunately, it was conceived without any internal security mechanism, and hence is prone to a number of vulnerabilities and attacks that can result in large scale outages in the Internet. In light of this, securing BGP has been an active research area since its adoption. Several security strategies, ranging from a complete replacement of the protocol up to the addition of new features in it were proposed, but only minor tweaks have found the pathway to be adopted. More recently, the IETF Secure Inter-Domain Routing (SIDR) Working Group (WG) has put forward several recommendations to secure BGP. In this paper, we survey the efforts of the SIDR WG including, the Resource Public Key Infrastructure (RPKI), Route Origin Authorizations (ROAs), and BGP Security (BGPSEC), for securing the BGP protocol. We also discuss the post SIDR inter-domain routing unresolved security challenges along with the deployment and adoption challenges of SIDR's proposals. Furthermore, we shed light on future research directions in managing the broader security issues in inter-domain routing. The paper is targeted to readers from the academic and industrial communities that are not only interested in an updated article accounting for the recent developments made by the Internet standardization body toward securing BGP (i.e., by the IETF), but also for an analytical discussion about their pros and cons, including promising research lines as well.