Presentation is loading. Please wait.

Presentation is loading. Please wait.

SCION: Scalability, Control, and Isolation On Next-Generation Networks 2011-05-04 Seungmin Kang.

Published byEarl Price Modified over 9 years ago

Similar presentations

Presentation on theme: "SCION: Scalability, Control, and Isolation On Next-Generation Networks 2011-05-04 Seungmin Kang."— Presentation transcript:

1 SCION: Scalability, Control, and Isolation On Next-Generation Networks 2011-05-04 Seungmin Kang

2 Introduction  The lack of resource control and isolation are not solved by existing proposals such as S-BGP  Propose a clean-slate Internet architecture, SCION, that provides route control, failure isolation, and explicit trust information for end-to-end communications

3 Introduction  Introduce the notion of a hierarchy of trust domains  Whose members all share a common contractual, legal, cultural, geographical, or other basis for extending limited trust among each other  Provide the machinery to guarantee control-plane isolation  Entities outside a trust domain cannot affect control-plane computation and communication within that trust domain

4 SCION Overview  Design Principles  Domain-based isolation – dividing the routing control plane into independent domains  SCION enables frequent routing updates to periodically refresh path state, so that each AD always maintains a fresh and accurate network topology for efficient routing decisions  Mutually controllable path selection – joint path selection between source and destination  Explicit trust and small TCB for end-to-end communication  By segregating mutually distrustful entities into different trust domain, each trust domain can choose a coherent root of trust  An entity only has to trust a small subset of the network thus achieving a small TCB for end-to-end communication

5 SCION Overview  Hierarchical Decomposition TD : a set of ADs agree on a coherent root of trust and have mutual accountability and enforceability for route computation under a common regulatory framework TD Core : interfaces with other TDs

6 SCION Overview  Routing, Lookup, and Forwarding  For an AD N that is not in the TD Core  Up-paths of N : the paths for sending packets from N to the TD Core  Down-path of N : the paths for sending packets from the TD Core to N

7 Anatomy of a Trust Domain  Each trust domain can be considered an independent networking plane shielded against the influence of external entities ADs in the TD Core : contains the entities that perform several authoritative functions of the trust domain customer-provider relationships peering relationships

8 Anatomy of a Trust Domain  Trust Domain Membership  When a new AD wishes to join a TD, the TD Core verifies that the AD meets the requirements for membership in the TD  To join an existing trust domain, the new AD should either  Have one provider already inside this TD or  Be capable of being a core AD in this TD  Management and Trust Bootstrapping  Each top-level TD has a fixed human readable identifier as well as a public/private key pair  Each AD in the TD Core can possess a public/private key pair, and a threshold number of ADs are required to generate a valid TD Core signature

9 Anatomy of a Trust Domain  Benefits of Using Trust Domains  Security against attacks  TD-based isolation intrinsically eliminates malicious messages and information from other TDs  Resilience against misconfiguration  TD structure mitigates the damage to its member ADs and those attempting to reach them  Elimination of a single point of trust/failure  The existence of multiple TDs eliminates the need for a single authority for the entire Internet, which causes deployment issues and a single point of failure  Scalability  In each TD, only the TD Core originates routing messages(the path construction beacons), which are only propagated within the TD

10 Path Construction  Format of a Path Construction Beacon  The path construction beacons are TD-scoped and only propagated within the TD from which they are originated  Interface field  Contains the path received from the previous hop, appended with the local link(ingress/egress interface pair)  Timing field  The introduction of link expiration time requires endpoint ADs to periodically select new, updated sets of paths, thus achieving route freshness

11 Path Construction  Opaque field  ADs on the path can efficiently check  Whether the incoming traffic is allowed and enters from the correct AD at the correct ingress point  The corresponding egress interface to the next hop AD  Contains the ingress/egress interfaces at ADi for the announced path p, and a short cryptographic MAC by which an AD can verify if the opaque field embedded in the data packet is authentic  Signature  The signatures are constructed in an onion fashion, where each signature signs all previous path information

12 Path Construction  Path Construction Process peering link The TD Core periodically disseminates path construction beacons to the immediate neighboring ADs Suppose an intermediate AD receives a set of paths from its upstream providers : It checks the signatures on each of the paths, and discards any ill-formed or unauthenticated paths with bad signature For each downstream AD, the parent AD then chooses a path set. Each of these paths necessarily originates from the TD Core and terminates at the parent AD

13 Lookup  Allows a source AD to discover the k down-paths from the destination’s core to the destination AD  The SCION lookup process consists of two stages  An Address Server translates a human-readable label and a TD identifier into one or more cryptographic endpoint identifiers(EIDs) with their respective AD and TD memberships  A Path Server takes such AD and TD-membership information of an endhost and returns the destination AD’s k down-paths

14 Lookup  Address Resolution Service  Context-aware address resolution  The source queries the local Address Server with the destination identifier (DNS name, TD identifier)  The Address Server returns an identifier indicating which AD(s) serves an endpoint associated with the label  Namespace  Assumption : the service is structured similarly to DNS  Domain ABC.us and ABC.cn  Address server setup  To ensure that Address Server store the latest record, it should update their address database whenever an endhost joins or leaves

15 Lookup  Address Resolution Service  Routing to address server  The name resolution query is routed using the TD identifier(e.g US)  If the querying source is contained in the targeted TD, the source sends this query directly to TDt via one of its up-paths in this TD  Otherwise, the query is sent to the top-level TD, which then resolves the query and returns the response via the originating up-path

16 Route Joining  Combines up and down paths to construct a working end-to-end route  Joining algorithm takes as input the k up-paths of the source AD and the queried k down-paths of the destination  The use of peering links is to enable the source and destination to find not only joining points at a common ancestor AD, but also joining points at a common peering link

17 Route Joining node F and G can only find route node F and G are able to find a shortcut path

18 Forwarding  The ingress and egress interfaces in the opaque fields instruct each transit AD on how to route the packets to the next hop, without requiring a forwarding table lookup  Each AD derives a MAC verification key from the timestamp TS embedded in the data packet, which is then used to check the MAC  If the MAC is correct we say that the link is not expired

19 Evaluation  Evaluation Methodology  Trust domains  Virtually divide the Internet into five local and non-overlapping trust domains  AD registered to the same Regional Internet Registry(RIR) belong to the same trust domain in our experiment

20 Evaluation  Finding k up-paths  For the purpose of simulation, we implement a simple k-path discovery algorithm that takes a source AD, the complete AD- level topology, and a TD as input, and yields a set of k maximally edge disjoint paths to the TD Core ADs in the specified TD distribution of the number of available paths

21 Evaluation  SCION Shortcut Efficacy: Route Stretch  Evaluate the effectiveness of the shortcut mechanism in the intra-TD routing using the end-to-end route stretch  The length of a SCION route : the length of a BGP route  The simulation takes 1000 random pairs of source and destination ADs in the same TD  The average length of SCION paths and its stretch endpoints are more likely to find a common AD or link for shortcut construction when they have more up-paths

22 Evaluation  Route Construction Efficacy: Expressiveness  Show that given SCION’s well-isolated TD infrastructure, a route discovered by BGP-style route updates is likely to be found through SCION’s scalable route update propagation as well The ratio of contained paths represents the expressiveness

23 Conclusion  TD infrastructure, SCION  Enables a design of an AD-level routing protocol that supports scalable route update propagation without flooding per- destination updates  Mutually controllable path selection at an appropriate granularity to trade off route control with attack power  Makes trust explicit through isolation and cryptographic primitives, entities know who is accountable for incorrect path construction and message propagation

Download ppt "SCION: Scalability, Control, and Isolation On Next-Generation Networks 2011-05-04 Seungmin Kang."

Similar presentations

Holding the Internet Accountable David Andersen, Hari Balakrishnan, Nick Feamster, Teemu Koponen, Daekyeong Moon, Scott Shenker.

Holding the Internet Accountable David Andersen, Hari Balakrishnan, Nick Feamster, Teemu Koponen, Daekyeong Moon, Scott Shenker.
Mitigating Routing Misbehavior in Mobile Ad-Hoc Networks Reference: Mitigating Routing Misbehavior in Mobile Ad Hoc Networks, Sergio Marti, T.J. Giuli,

Mitigating Routing Misbehavior in Mobile Ad-Hoc Networks Reference: Mitigating Routing Misbehavior in Mobile Ad Hoc Networks, Sergio Marti, T.J. Giuli,
SCION: Scalability, Control and Isolation On Next-Generation Networks

SCION: Scalability, Control and Isolation On Next-Generation Networks
Scalable Content-Addressable Network Lintao Liu 2001.11.19.

Scalable Content-Addressable Network Lintao Liu
Transitioning to IPv6 April 15,2005 Presented By: Richard Moore PBS Enterprise Technology.

Transitioning to IPv6 April 15,2005 Presented By: Richard Moore PBS Enterprise Technology.
COS 461 Fall 1997 Routing COS 461 Fall 1997 Typical Structure.

COS 461 Fall 1997 Routing COS 461 Fall 1997 Typical Structure.
1 Internet Protocol Version 6 (IPv6) What the caterpillar calls the end of the world, nature calls a butterfly. - Anonymous.

1 Internet Protocol Version 6 (IPv6) What the caterpillar calls the end of the world, nature calls a butterfly. - Anonymous.
Efficient Public Key Infrastructure Implementation in Wireless Sensor Networks Wireless Communication and Sensor Computing, 2010. ICWCSC 2010. International.

Efficient Public Key Infrastructure Implementation in Wireless Sensor Networks Wireless Communication and Sensor Computing, ICWCSC International.
TAODV: A Trusted AODV Routing Protocol for MANET Li Xiaoqi, GiGi March 22, 2004.

TAODV: A Trusted AODV Routing Protocol for MANET Li Xiaoqi, GiGi March 22, 2004.
A Survey of Secure Wireless Ad Hoc Routing

A Survey of Secure Wireless Ad Hoc Routing
© 2006 Cisco Systems, Inc. All rights reserved. MPLS v2.2—2-1 Label Assignment and Distribution Introducing Typical Label Distribution in Frame-Mode MPLS.

© 2006 Cisco Systems, Inc. All rights reserved. MPLS v2.2—2-1 Label Assignment and Distribution Introducing Typical Label Distribution in Frame-Mode MPLS.
Packet Leashes: Defense Against Wormhole Attacks Authors: Yih-Chun Hu (CMU), Adrian Perrig (CMU), David Johnson (Rice)

Packet Leashes: Defense Against Wormhole Attacks Authors: Yih-Chun Hu (CMU), Adrian Perrig (CMU), David Johnson (Rice)
1 SCION: Scalability, Control and Isolation On Next-Generation Networks Xin Zhang, Hsu-Chun Hsiao, Geoff Hasker, Haowen Chan, Adrian Perrig, David Andersen.

1 SCION: Scalability, Control and Isolation On Next-Generation Networks Xin Zhang, Hsu-Chun Hsiao, Geoff Hasker, Haowen Chan, Adrian Perrig, David Andersen.
IPv4 and IPv6 Mobility Support Using MPLS and MP-BGP draft-berzin-malis-mpls-mobility-00 Oleg Berzin, Andy Malis {oleg.berzin,

IPv4 and IPv6 Mobility Support Using MPLS and MP-BGP draft-berzin-malis-mpls-mobility-00 Oleg Berzin, Andy Malis {oleg.berzin,
Secure and Efficient Key Management in Mobile Ad Hoc Networks Bing Wu, Jie Wu, Eduardo B. Fernandez, Mohammad Ilyas, Spyros Magliveras Department of Computer.

Secure and Efficient Key Management in Mobile Ad Hoc Networks Bing Wu, Jie Wu, Eduardo B. Fernandez, Mohammad Ilyas, Spyros Magliveras Department of Computer.
CSCE 715 Ankur Jain 11/16/2010. Introduction Design Goals Framework SDT Protocol Achievements of Goals Overhead of SDT Conclusion.

CSCE 715 Ankur Jain 11/16/2010. Introduction Design Goals Framework SDT Protocol Achievements of Goals Overhead of SDT Conclusion.
Internet Networking Spring 2006 Tutorial 12 Web Caching Protocols ICP, CARP.

Internet Networking Spring 2006 Tutorial 12 Web Caching Protocols ICP, CARP.
1 Internet Networking Spring 2004 Tutorial 7 Multicast Routing Protocols.

1 Internet Networking Spring 2004 Tutorial 7 Multicast Routing Protocols.
1 BGP Security -- Zhen Wu. 2 Schedule Tuesday –BGP Background – Detection of Invalid Routing Announcement in the Internet –Open Discussions Thursday.

1 BGP Security -- Zhen Wu. 2 Schedule Tuesday –BGP Background –" Detection of Invalid Routing Announcement in the Internet" –Open Discussions Thursday.
Dept. of Computer Science & Engineering, CUHK1 Trust- and Clustering-Based Authentication Services in Mobile Ad Hoc Networks Edith Ngai and Michael R.

Dept. of Computer Science & Engineering, CUHK1 Trust- and Clustering-Based Authentication Services in Mobile Ad Hoc Networks Edith Ngai and Michael R.

Similar presentations

Ads by Google