Presentation is loading. Please wait.

Presentation is loading. Please wait.

SCION: Scalability, Control and Isolation On Next-Generation Networks

Published byPorter Brookins Modified over 9 years ago

Similar presentations

Presentation on theme: "SCION: Scalability, Control and Isolation On Next-Generation Networks"— Presentation transcript:

1 SCION: Scalability, Control and Isolation On Next-Generation Networks
Xin Zhang, Hsu-Chun Hsiao, Geoff Hasker, Haowen Chan, Adrian Perrig, David Andersen

2 The Internet is still unreliable and insecure!
Feb 2008: Pakistani ISP hijacks YouTube prefix Apr 2010: A Chinese ISP inserts fake routes affecting thousands of US networks. Nov 2010: 10% of Internet traffic 'hijacked' to Chinese servers due to DNS Tampering. Application Transport Data link Network Physical S-BGP origin attest. S-BGP route attest. Multi-path DNSSec Whats the Australian ISP example? Fixes to date – ad hoc, patches Inconvenient truths S-BGP: delayed convergence Global PKI: single root of trust

3 Limitations of the Current Internet
Too little or too much path control by end points Destination has too little control over inbound paths Source has too much control to aggregate DDoS traffic A Prefer the red path … B M C D’s prefix here! D

4 Limitations of the Current Internet
Too little or too much path control by end points Destination has too little control over inbound paths Source has too much control to aggregate DDoS traffic Lack of routing isolation A failure/attack can have global effects Global visibility of paths is not scalable Lack of route freshness Current (S-)BGP enables replaying of obsolete paths

5 Related Work Routing security Routing control
S-BGP, soBGP, psBGP, SPV, PGBGP Routing control Multipath (MIRO, Deflection, Path splicing, Pathlet), NIRA Scalable and policy-based routing HLP, HAIR, RBF Secure DNS DNSSec Source accountability and router accountability AIP, Statistical FL, PAAI Because these limitations are really fundamental, fixing those issues requires to fundamentally change the way BGP works. Therefore, we call for a re-design, including routing, forwarding, addressing, and address lookup.

6 Wish List (1): Isolation
Localization of attacks Mutually distrusting domains, no single root of trust Independent routing region … … … … … … … … M Attacks (e.g., bad routes)

7 Wish List (2): Balanced Control
Source, destination, transit ISPs all have path control Support rich policies and DDoS defenses … … … … CMU PSC I2 L3 … … D C A B Hide the peering link from CMU 7

8 Wish List (3): Explicit Trust
Know who needs to be trusted Enforceable accountability … … … … … … X Y Z Internet Level 3 I2 PSC Who will forward Packets on the path? Go through X and Z, but not Y CMU

9 SCION Architecture Overview
Trust domain (TD)s Isolation and scalability S: blue paths D: red paths path srv TD TD Core Path construction scalability PCB PCB PCB PCB Path resolution Control Explicit trust AD: admin domain Al the nodes shown in this figure represent a TD, e.g., united states Each node can be though of as an ISP or administrative domain, or AD Path construction achieves scalability Path resolution achieves control Route joining (shortcuts) Efficiency, flexibility Destination Source

10 Logical Decomposition
Split the network into a set of trust domains (TD) TD: isolation of route computation TD cores: interconnected Tier-1 ADs (ISPs) core core Down-paths Up-paths Jurisdictional boundary Note: very similar to routing in the current Internet Destination Source

11 Path Construction Beacons (PCBs)
: interface : Opaque field : expiration time : signature TD Core = ||MAC( ) PCB = SIG( || || ) A = || MAC( || ) PCB = SIG( || || || ) Lets take a closer look at this path construction protocol with a single topology, where nodes A, B, and C represent three different ADs in the same TD. Although the details may look complicated, the main point is quite simple but powerful. Essentially, first, we use digital signatures to provide strong protection and accountability for the control-plane PCBs, In this way malicious ADs cannot launch path falsification attacks to attract packets. At data-plane however, we only use light-weight, symmetric MAC, to guarantee the paths formed at control-plane are followed by line-speed data packets. B PCB = || MAC( || ) PCB = SIG( || || || ) C Embed into pkts

12 SCION Security Benefits
S-BGP etc SCION Isolation Scalability, freshness Path replay attack Collusion attack Single root of trust Trusted Computing Base Whole Internet TD Core and on-path ADs Path Control Source End-to-end control Only up-path Destination No control Inbound paths DDoS Open attacks Enable defenses First in SCION, the isolation across trust domains facilitates scalability, because the routing updates are only propagated within the local trust domain. In addition, in each trust domain, only the TD core initiates PCBs, which further improves scalability. In contract in current S-BGP or other path-vector based routing protocols,

13 Performance Benefits Scalability Flexibility Simplicity and efficiency
Routing updates are scoped within the local TD Flexibility Transit ISPs can embed local routing policies in opaque fields Simplicity and efficiency No inter-domain forwarding table Symmetric verification during forwarding

14 Evaluation Methodology
Use of CAIDA topology information Assume 5 TDs (AfriNIC, ARIN, APNIC, LACNIC, RIPE) We compare to S-BGP/BGP

15 Performance Evaluation
Additional path length (AD hops) compared to BGP without shortcuts: 21% longer with shortcuts: 1 down/up- path: 6.7% 2 down/up- path: 3.5% 5 down/up- path: 2.5%

16 Policy Expressiveness Evaluation
Fraction of BGP paths available under SCION, reflecting SCION’s expressiveness of BGP policies With k=5, can find 85% of same paths

17 Security Evaluation Resilience against routing and data-plane attacks
Malicious ADs announce bogus links between each other S-BGP With k=5, can find 85% of same paths SCION

18 Conclusions Basic architecture design for a next-generation network that emphasizes isolation, control and explicit trust Highly efficient, scalable, available architecture Enables numerous additional security mechanisms, e.g., network capabilities Application Transport Data link Network Physical

19 Xin Zhang <xzhang1@cmu.edu>
Questions? Xin Zhang

Download ppt "SCION: Scalability, Control and Isolation On Next-Generation Networks"

Similar presentations

A Threat Model for BGPSEC

A Threat Model for BGPSEC
A Threat Model for BGPSEC Steve Kent BBN Technologies.

A Threat Model for BGPSEC Steve Kent BBN Technologies.
Network Support for Accountability Nick Feamster Georgia Tech Collaborative Response with David Andersen (CMU), Hari Balakrishnan (MIT), Scott Shenker.

Network Support for Accountability Nick Feamster Georgia Tech Collaborative Response with David Andersen (CMU), Hari Balakrishnan (MIT), Scott Shenker.
Holding the Internet Accountable David Andersen, Hari Balakrishnan, Nick Feamster, Teemu Koponen, Daekyeong Moon, Scott Shenker.

Holding the Internet Accountable David Andersen, Hari Balakrishnan, Nick Feamster, Teemu Koponen, Daekyeong Moon, Scott Shenker.
Multihoming and Multi-path Routing

Multihoming and Multi-path Routing
1 Praveen K. Muthuswamy Electrical Computer and Systems Engineering Rensselaer Polytechnic Institute In collaboration with Koushik Kar, Aparna Gupta (RPI)

1 Praveen K. Muthuswamy Electrical Computer and Systems Engineering Rensselaer Polytechnic Institute In collaboration with Koushik Kar, Aparna Gupta (RPI)
Routing Basics.

Routing Basics.
Cs/ee 143 Communication Networks Chapter 6 Internetworking Text: Walrand & Parekh, 2010 Steven Low CMS, EE, Caltech.

Cs/ee 143 Communication Networks Chapter 6 Internetworking Text: Walrand & Parekh, 2010 Steven Low CMS, EE, Caltech.
Sign What You Really Care About - $ecure BGP AS Paths Efficiently Yang Xiang Zhiliang Wang Jianping Wu Xingang Shi Xia Yin Tsinghua University, Beijing.

Sign What You Really Care About - $ecure BGP AS Paths Efficiently Yang Xiang Zhiliang Wang Jianping Wu Xingang Shi Xia Yin Tsinghua University, Beijing.
1 SCION: Scalability, Control and Isolation On Next-Generation Networks Xin Zhang, Hsu-Chun Hsiao, Geoff Hasker, Haowen Chan, Adrian Perrig, David Andersen.

1 SCION: Scalability, Control and Isolation On Next-Generation Networks Xin Zhang, Hsu-Chun Hsiao, Geoff Hasker, Haowen Chan, Adrian Perrig, David Andersen.
SCION: Scalability, Control, and Isolation On Next-Generation Networks 2011-05-04 Seungmin Kang.

SCION: Scalability, Control, and Isolation On Next-Generation Networks Seungmin Kang.
Consensus Routing: The Internet as a Distributed System 2009. 2. 26 John P. John, Ethan Katz-Bassett, Arvind Krishnamurthy, and Thomas Anderson Presented.

Consensus Routing: The Internet as a Distributed System John P. John, Ethan Katz-Bassett, Arvind Krishnamurthy, and Thomas Anderson Presented.
Securing the Border Gateway Protocol (S-BGP) Dr. Stephen Kent Chief Scientist - Information Security.

Securing the Border Gateway Protocol (S-BGP) Dr. Stephen Kent Chief Scientist - Information Security.
An Operational Perspective on BGP Security Geoff Huston GROW WG IETF 63 August 2005.

An Operational Perspective on BGP Security Geoff Huston GROW WG IETF 63 August 2005.
HLP: A Next Generation Interdomain Routing Protocol Lakshminarayanan Subramanian* Matthew Caesar* Cheng Tien Ee*, Mark Handley° Morley Maoª, Scott Shenker*

HLP: A Next Generation Interdomain Routing Protocol Lakshminarayanan Subramanian* Matthew Caesar* Cheng Tien Ee*, Mark Handley° Morley Maoª, Scott Shenker*
© 2003 By Default! A Free sample background from www.powerpointbackgrounds.com Slide 1 SAVE: Source Address Validity Enforcement Protocol Authors: Li,

© 2003 By Default! A Free sample background from Slide 1 SAVE: Source Address Validity Enforcement Protocol Authors: Li,
Don’t Secure Routing, Secure Data Delivery Dan Wendlandt (CMU) With: Ioannis Avramopoulos (Princeton), David G. Andersen (CMU), and Jennifer Rexford (Princeton)

Don’t Secure Routing, Secure Data Delivery Dan Wendlandt (CMU) With: Ioannis Avramopoulos (Princeton), David G. Andersen (CMU), and Jennifer Rexford (Princeton)
Introduction. Overview of Pushback. Architecture of router. Pushback mechanism. Conclusion. Pushback: Remedy for DDoS attack.

Introduction. Overview of Pushback. Architecture of router. Pushback mechanism. Conclusion. Pushback: Remedy for DDoS attack.
Feedback Based Routing By Dapeng Zhu, Mark Gritter, and David R. Cheriton.

Feedback Based Routing By Dapeng Zhu, Mark Gritter, and David R. Cheriton.
1 SCION: Scalability, Control and Isolation On Next-Generation Networks Xin Zhang, Hsu-Chun Hsiao, Geoff Hasker, Haowen Chan, Adrian Perrig, David Andersen.

1 SCION: Scalability, Control and Isolation On Next-Generation Networks Xin Zhang, Hsu-Chun Hsiao, Geoff Hasker, Haowen Chan, Adrian Perrig, David Andersen.

Similar presentations

Ads by Google