SE-BGP:一种BGP安全机制
DOI:
作者:
作者单位:

作者简介:

通讯作者:

中图分类号:

基金项目:

Supported by the National Natural Science Foundation of China under Grant No.60673169 (国家自然科学基金); the National Basic Research Program of China under Grant No.2003CB314802 (国家重点基础研究发展计划(973)); the National High-Tech Research and Development Plan of China u


SE-BGP: An Approach for BGP Security
Author:
Affiliation:

Fund Project:

  • 摘要
  • |
  • 图/表
  • |
  • 访问统计
  • |
  • 参考文献
  • |
  • 相似文献
  • |
  • 引证文献
  • |
  • 资源附件
  • |
  • 文章评论
    摘要:

    BGP(border gateway protocol)协议的安全是Internet路由系统安全的关键.目前已提出多种BGP安全机制,但都未能得到部署.对BGP安全机制的部署问题进行深入分析,利用AS(autonomous system)结构的Rich-Club特性,提出AS联盟的概念,设计了一种BGP安全机制:SE-BGP(security enhanced BGP).SE-BGP采用基于AS联盟的安全体系结构,使用一种具有分布式认证中心的新的信任模型——TTM(translator trust mod

    Abstract:

    BGP (border gateway protocol) security is very important to the inter-domain routing security. Many solutions have been proposed, but none has been deployed until now. This paper analyzes the main problems of these approaches. It studies the AS (autonomous system) topology of the Internet, especially the rich-club property, and gives the notion of the AS alliance. It proposes SE-BGP (security enhanced BGP) as a new way for BGP security. An alliance-based security architecture, and a new trust model-TTM (translator trust model) for SE-BGP are constituted. An authentication scheme based on TTM is also designed. Furthermore, the way of how to extend the BGP protocol is considered. The SE-BGP has strong ability of security and good scalability, and the number of the used certificates is about 1% of the traditional solutions.

    参考文献
    相似文献
    引证文献
引用本文

胡湘江,朱培栋. SE-BGP:一种BGP安全机制.软件学报,2008,19(1):167-176

复制
分享
文章指标
  • 点击次数:
  • 下载次数:
  • HTML阅读次数:
  • 引用次数:
历史
  • 收稿日期:2006-06-15
  • 最后修改日期:2006-11-03
  • 录用日期:
  • 在线发布日期:
  • 出版日期:
您是第位访问者
版权所有:中国科学院软件研究所 京ICP备05046678号-3
地址:北京市海淀区中关村南四街4号,邮政编码:100190
电话:010-62562563 传真:010-62562533 Email:jos@iscas.ac.cn
技术支持:北京勤云科技发展有限公司

京公网安备 11040202500063号