Presentation is loading. Please wait.

Presentation is loading. Please wait.

Goals of soBGP Verify the origin of advertisements

Published byBuck Merritt Modified over 6 years ago

Similar presentations

Presentation on theme: "Goals of soBGP Verify the origin of advertisements"— Presentation transcript:

1 SECURE ORIGIN BGP (soBGP) draft-ng-sobgp-bgp-extensions-00 Editor: James Ng (jamng@cisco.com)

2 Goals of soBGP Verify the origin of advertisements
Prevent the advertisement of unauthorized prefixes Sanity check the path of an update

3 Design Constraints Signaling mechanism to provide security information should be as flexible as possible Must be incrementally deployable Should provide security benefit without the participation of every AS

4 Design Constraints Should not rely on routing to secure routing (No external database connection on system initialization is required) Flexibility should be provided to allow operators to configure the level of security vs. overhead and convergence speed Minimize impact to current optimizations in the implementation of the BGP protocol

5 soBGP Doesn’t Protect Inter-AS (peer to peer) Connections
BGP Attribute authentication The full validity of the AS_PATH; while an AS_PATH can be checked for correctness, soBGP does not verify that the AS_PATH of any given route has not been modified in transit

6 Topology Map AS1 AS2 AS3 AS4 If AS3 cuts AS2 out of the path, this would be caught by the proposed construction of a topology map The topology map is verified using a two way connectivity check Gaps in the topology map also limit the ability to validate/sanity check the AS_PATH

7 The Security Message New BGP message type 7
Used to carry security information within the protocol (security info can also be transported outside of BGP) Transmits 3 types of certificates and a request Negotiated at session startup

8 Certificate Types Entity Certificate (Entitycert)
Policy Certificate (Policycert) Authorization Certificate (Authcert)

9 Entitycert function Entity Certificate Distributes the public keys
Used to authenticate other security messages Provides a way to change keys/authentication info without causing routing disruption

10 Who Signs the Entity Certificates
Authority which issued the AS number Commercial authority Any universally known and trusted party in the Internet domain Web of trust model Private keys are never transmitted inside or outside the AS

11 Policycert function Policy Certificate Specifies security options
Communicates level of security requested by Originating AS (Allows Flexibility) Lists attached AS’ for AS_Path sanity checking Also provides a non-disruptive way to invalidate old security information

12 Authentication Certificate
Authcert function Used to authorize an AS to advertise a prefix block Information is used to build a database the BGP speaker can use to verify the origin of a prefix

13 soBGP Operation Manually Entered Entity Certificate (Entitycert) Begin with a small set of manually configured Entitycerts for well-known parties

14 soBGP Operation Manually Entered Entity Certificate (Entitycert) Entitycerts transmitted in BGP are signed using the private key of a third party AS and are authenticated using the manually configured entitycerts, or previously authenticated entitycerts verifies Entity Certificate (Entitycert)

15 soBGP Operation Manually Entered Entity Certificate (Entitycert) Policy Certificate (Policycert) Public key inside Entitycerts then verifies Policycerts and Authcerts verifies verifies Authentication Certificate (Authcert) Entity Certificate (Entitycert)

16 soBGP Operation Prefix Block – A, B, C
Authorization Certificate (Authcert) Prefix Block – A, B, C Authcert contains a list of AS’ authorized to originate an address block Each prefix is then checked against the Authcert database to verify the correct origin AS

17 soBGP Operation A attached to (X, Y, Z)
Policy Certificate (Policycert) A attached to (X, Y, Z) Policycert contains a list of attached AS’ and security policy options Each AS_PATH can then be sanity checked against the Policycert database Placing policies in a certificate allows us to expand and change policy options in the future

18 Certificate Advertisement
Advertisement of certificates is not restricted to the Originating AS Once an AS generates a certificate, it may be advertised by another AS or third party

19 Request Security messages may be filtered for various reasons
The Request message provides the ability to readvertise all security information or just a subset

20 Aggregation Aggregation is a problem for any mechanism that uses the AS_PATH to authenticate information The problem can be avoided by restricting AS’ to only aggregate for prefixes that they are authorized to originate

21 Next Steps Modify the WG charter to include BGP Security as a work item. Wait for requirements document from RPsec. Possibly form a subgroup to look at BGP security solutions (?).

22 For Further Discussion
ftp://ftp-eng.cisco.com/sobgp/index.html Mailing List: Send request

Download ppt "Goals of soBGP Verify the origin of advertisements"

Similar presentations

RPKI Standards Activity Geoff Huston APNIC February 2010.

RPKI Standards Activity Geoff Huston APNIC February 2010.
An Operational Perspective on BGP Security Geoff Huston February 2005.

An Operational Perspective on BGP Security Geoff Huston February 2005.
The Role of a Registry Certificate Authority Some Steps towards Improving the Resiliency of the Internet Routing System: The Role of a Registry Certificate.

The Role of a Registry Certificate Authority Some Steps towards Improving the Resiliency of the Internet Routing System: The Role of a Registry Certificate.
Routing: Exterior Gateway Protocols and Autonomous Systems Chapter 15.

Routing: Exterior Gateway Protocols and Autonomous Systems Chapter 15.
© 2005 Cisco Systems, Inc. All rights reserved. BGP v3.2—1-1 Module Summary BGP has reliable transport provided by TCP, a rich set of metrics called BGP.

© 2005 Cisco Systems, Inc. All rights reserved. BGP v3.2—1-1 Module Summary BGP has reliable transport provided by TCP, a rich set of metrics called BGP.
1 Interdomain Routing Protocols. 2 Autonomous Systems An autonomous system (AS) is a region of the Internet that is administered by a single entity and.

1 Interdomain Routing Protocols. 2 Autonomous Systems An autonomous system (AS) is a region of the Internet that is administered by a single entity and.
1 Towards Secure Interdomain Routing For Dr. Aggarwal 60-592 Win 2004.

1 Towards Secure Interdomain Routing For Dr. Aggarwal Win 2004.
An Operational Perspective on BGP Security Geoff Huston GROW WG IETF 63 August 2005.

An Operational Perspective on BGP Security Geoff Huston GROW WG IETF 63 August 2005.
1 Network Architecture and Design Routing: Exterior Gateway Protocols and Autonomous Systems Border Gateway Protocol (BGP) Reference D. E. Comer, Internetworking.

1 Network Architecture and Design Routing: Exterior Gateway Protocols and Autonomous Systems Border Gateway Protocol (BGP) Reference D. E. Comer, Internetworking.
1 BGP Security -- Zhen Wu. 2 Schedule Tuesday –BGP Background – Detection of Invalid Routing Announcement in the Internet –Open Discussions Thursday.

1 BGP Security -- Zhen Wu. 2 Schedule Tuesday –BGP Background –" Detection of Invalid Routing Announcement in the Internet" –Open Discussions Thursday.
CS 672 1 Summer 2003 Lecture 4. CS 672 2 Summer 2003 Route Aggregation The process of representing a group of prefixes with a single prefix is known as.

CS Summer 2003 Lecture 4. CS Summer 2003 Route Aggregation The process of representing a group of prefixes with a single prefix is known as.
Interdomain Routing Security Jennifer Rexford Advanced Computer Networks Tuesdays/Thursdays.

Interdomain Routing Security Jennifer Rexford Advanced Computer Networks Tuesdays/Thursdays.
Lightwave Communications Research Laboratory Princeton University SoBGP vs SBGP Sharon Goldberg Princeton Routing Security Seminar June 27, 2006 and July.

Lightwave Communications Research Laboratory Princeton University SoBGP vs SBGP Sharon Goldberg Princeton Routing Security Seminar June 27, 2006 and July.
Feb 12, 2008CS573: Network Protocols and Standards1 Border Gateway Protocol (BGP) Network Protocols and Standards Winter 2007-2008.

Feb 12, 2008CS573: Network Protocols and Standards1 Border Gateway Protocol (BGP) Network Protocols and Standards Winter
APNIC eLearning: Intro to RPKI 10 December 2014 12:30 PM AEST Brisbane (UTC+10)

APNIC eLearning: Intro to RPKI 10 December :30 PM AEST Brisbane (UTC+10)
Mobile IP: Introduction Reference: “Mobile networking through Mobile IP”; Perkins, C.E.; IEEE Internet Computing, Volume: 2 Issue: 1, Jan.- Feb. 1998;

Mobile IP: Introduction Reference: “Mobile networking through Mobile IP”; Perkins, C.E.; IEEE Internet Computing, Volume: 2 Issue: 1, Jan.- Feb. 1998;
Authentication Mechanism for Port Control Protocol (PCP) draft-wasserman-pcp-authentication-01.txt Margaret Wasserman Sam Hartman Painless Security Dacheng.

Authentication Mechanism for Port Control Protocol (PCP) draft-wasserman-pcp-authentication-01.txt Margaret Wasserman Sam Hartman Painless Security Dacheng.
Border Gateway Protocol (BGP) W.lilakiatsakun. BGP Basics (1) BGP is the protocol which is used to make core routing decisions on the Internet It involves.

Border Gateway Protocol (BGP) W.lilakiatsakun. BGP Basics (1) BGP is the protocol which is used to make core routing decisions on the Internet It involves.
Secure Origin BGP: What is (and isn't) in a name? Dan Wendlandt Princeton Routing Security Reading Group.

Secure Origin BGP: What is (and isn't) in a name? Dan Wendlandt Princeton Routing Security Reading Group.
Peering: A Minimalist Approach Rohan Mahy IETF 66 — Speermint WG.

Peering: A Minimalist Approach Rohan Mahy IETF 66 — Speermint WG.

Similar presentations

Ads by Google