Sign In

Communications of the ACM

ACM TechNews

It Engineers Ponder Fix to Dangerous Internet Routing Problem


View as: Print Mobile App Share: Send by email Share on reddit Share on StumbleUpon Share on Hacker News Share on Tweeter Share on Facebook
Internet illustration

IllustratIon by Darrel Rees

Information technology engineers have been studying methods for fixing a weakness in the Internet's routing system known as the Border Gateway Protocol (BGP), which can cause networks to become unavailable if mistakes are made in entering information or if there is a malicious attack.

BGP weaknesses also can cause a company's Internet traffic to be circuitously routed through another network it does not need to go through, a process known as route hijacking. The solution is to have routers verify that the Internet Protocol (IP) address blocks announced by other routers actually belong to their networks. The Resource Public Key Infrastructure (RPKI) method uses a system of cryptographic certificates that verify if an IP address block belongs to a certain network. However, RPKI is complex, and deployment has been slow.

An alternate system, known as Route Origin Verification (Rover), could be easier. Rover's advantages are that it needs no changes in the existing routers, and it can work alongside RPKI. "The whole infrastructure of securing the answer [of whether the route is legitimate] already exists," says Secure64's Joe Gersch.

From IDG News Service 
View Full Article

Abstracts Copyright © 2012 Information Inc. External Link, Bethesda, Maryland, USA 


 

No entries found