相關主題
商品描述
Inter-domain routing security is a big actor in end-to-end network connectivity. The protocol currently implemented was not designed to cover such a critical aspect, and so many vulnerabilities crop up, having a strong impact on the whole system. Despite much effort in the past focusing in addressing security issues, no solutions have become a reality, hence novel solutions must be sought to reduce the vulnerabilities space. The Border Gateway Protocol (BGP) is a critical component of the Internet's infrastructure used as the de facto inter-domain routing protocol among autonomous systems. It was conceived without an internal security mechanism and hence is prone to a number of vulnerabilities and attacks, which have resulted in partial paralysis of the Internet. Thus, securing BGP has been an active research area for almost a decade now. Several strategies, ranging from complete replacement of BGP to addition of new features in it, were proposed for the purpose of security but none of them were pragmatic enough to be adopted. Recently, the Secure Inter-Domain Routing (SIDR) working group of the IETF has put forward a set of recommendations which seem promising to some extent. This book introduces the reader to the main concepts in inter-domain security, reviewing the most significant contributions and also introducing the current efforts being developed by the scientific community to deal with the overall weaknesses and limitations that still exist.
商品描述(中文翻譯)
跨域路由安全在端到端網路連接中扮演著重要角色。目前實施的協議並未設計來涵蓋這一關鍵方面,因此出現了許多漏洞,對整個系統造成了重大影響。儘管過去在解決安全問題上付出了很多努力,但至今尚未有解決方案成為現實,因此必須尋求新穎的解決方案以減少漏洞空間。邊界網關協議(Border Gateway Protocol, BGP)是互聯網基礎設施中的一個關鍵組件,作為自治系統之間的事實上跨域路由協議。它的設計並未考慮內部安全機制,因此容易受到多種漏洞和攻擊的影響,這導致了互聯網的部分癱瘓。因此,保護BGP已成為近十年來的一個活躍研究領域。為了安全目的,提出了多種策略,從完全替換BGP到在其上添加新功能,但沒有一種足夠務實以被採用。最近,IETF的安全跨域路由(Secure Inter-Domain Routing, SIDR)工作組提出了一套建議,這在某種程度上看起來是有希望的。本書向讀者介紹跨域安全的主要概念,回顧最重要的貢獻,並介紹科學社群目前正在開展的努力,以應對仍然存在的整體弱點和限制。
