80 likes | 158 Views
Presented by: Tony Reveldez. Securing BGP – A LITERATURE SURVEY. GEOFF HUSTON B.Sc., M.Sc. Australian National University. MATTIA ROSSI B. Eng .,M.Sc. Leopold- Franzens - Universitaet. GEOFF ARMITAGE B.Sc., PhD. Swinburne University of Technology. Border Gateway Protocol. What is it?
E N D
Presented by: Tony Reveldez Securing BGP – A LITERATURE SURVEY GEOFF HUSTON B.Sc., M.Sc. Australian National University MATTIA ROSSI B.Eng.,M.Sc. Leopold-Franzens-Universitaet GEOFF ARMITAGE B.Sc., PhD. Swinburne University of Technology
Border Gateway Protocol • What is it? • iBGPvseBGP • TCP/IP • Distant Vector Routing • Path Vector Routing • Route Selection Process • Messages • AS Path
BGP Threat Model • Securing the BGP Session • Injection, eavesdropping, delay messages, replay • Verifying BGP Identity • Are you really who you claim to be? • Verifying BGP Information • Is your information complete? • Verifying Forwarding Paths • Is my information accurate?
Consequences of Attacks on the Routing System The ability to eavesdrop Denial of Service the potential to masquerade Address Stealing www.fireblog.com
Securing BGP • The Security Toolset • Security Requirements • Securing the data payload and semantics • Piecemeal incremental deployment • Approaches to Securing BGP • sBGP, soBGP, psBGP, pgBGP, IRV
Approaches to Securing BGP • Securing the operation of BGP • TCP session • GTSM • TCP MD5 • IPSEC • Security in the Data Level
Securing the Integrity of BGP Data • sBGP • soBGP • psBGP • IRV • pgBGP
State of BGP Security As the table shows, of all proposals, only a few have been implemented and mostly not deployed