Accountable Internet Protocol
David Andersen (CMU), Hari Balakrishnan (MIT), Nick Feamster (Georgia Tech), Scott Shenker (Berkeley)


Many Security Problems/Point Solutions
– For each problem, point solutions
– Fundamental problem: accountability is not intrinsic to current Internet architecture

Accountable Internet Protocol
Key idea: New addressing for networks and hosts
– Other protocols can use this property as foundation (anti-spoofing, secure routing, DDoS shut-off, etc.)

Address Structure
– AD and EID are self-certifying flat names
– AD = hash( public_key_of_AD )
– Self-certification binds name to named entity
– Address = AD1:EID
– If multihomed, has multiple addresses: AD1:EID, AD2:EID, AD3:EID
[Figure: AD1, AD2]

Application: Anti-Spoofing
1. Send P
2. Sent P? {nonce}
3. Yes! { hash(P), nonce }_{K_A^{-1}} (signed with the private key corresponding to EID_A)
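
The anti-spoofing exchange above, with both sides' checks, as an added Go example that is not from the slides or the AIP authors. Ed25519 and SHA-256 stand in for the signature and hash functions, which the slides do not name; carrying the public key in the reply and the names `EID`, `Response`, `newHost`, `answer` and `verify` are assumptions of this sketch.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// EID is a self-certifying flat name: the hash of the host's public key.
type EID [sha256.Size]byte

// Response is step 3: {hash(P), nonce} signed with K_A^-1.
type Response struct {
	PacketHash [sha256.Size]byte
	Nonce, Sig []byte
	Pub        ed25519.PublicKey // assumption: the reply carries the key
}

func newHost() (EID, ed25519.PrivateKey) {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	return sha256.Sum256(pub), priv
}

// answer is host A's side: sign hash(P) together with the challenger's nonce.
func answer(priv ed25519.PrivateKey, p, nonce []byte) Response {
	h := sha256.Sum256(p)
	return Response{PacketHash: h, Nonce: nonce, Sig: ed25519.Sign(priv, append(h[:], nonce...)), Pub: priv.Public().(ed25519.PublicKey)}
}

// verify is the challenger's side: name binding, freshness, packet, signature.
func verify(src EID, p, nonce []byte, r Response) bool {
	if len(r.Pub) != ed25519.PublicKeySize || EID(sha256.Sum256(r.Pub)) != src {
		return false // key does not hash to the claimed source EID
	}
	if !bytes.Equal(r.Nonce, nonce) || r.PacketHash != sha256.Sum256(p) {
		return false // reply to a different challenge, or for a different packet
	}
	return ed25519.Verify(r.Pub, append(r.PacketHash[:], nonce...), r.Sig)
}

func main() {
	eidA, privA := newHost()
	_, privM := newHost() // a spoofer holding its own key pair, claiming A's EID
	p, nonce := []byte("constructed sample packet P"), make([]byte, 16)
	rand.Read(nonce)
	fmt.Println("genuine:", verify(eidA, p, nonce, answer(privA, p, nonce)), "spoofed:", verify(eidA, p, nonce, answer(privM, p, nonce)))
}
```

The spoofed reply fails at the first check: no certificate authority is consulted, because the source EID itself commits to the only public key that can answer for it.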