
A system for authenticated policy-compliant routing

Published: 30 August 2004

Abstract

Internet end users and ISPs alike have little control over how packets are routed outside of their own AS, restricting their ability to achieve levels of performance, reliability, and utility that might otherwise be attained. While researchers have proposed a number of source-routing techniques to combat this limitation, there has thus far been no way for independent ASes to ensure that such traffic does not circumvent local traffic policies, nor to accurately determine the correct party to charge for forwarding the traffic. We present Platypus, an authenticated source routing system built around the concept of network capabilities. Network capabilities allow for accountable, fine-grained path selection by cryptographically attesting to policy compliance at each hop along a source route. Capabilities can be composed to construct routes through multiple ASes and can be delegated to third parties. Platypus caters to the needs of both end users and ISPs: users gain the ability to pool their resources and select routes other than the default, while ISPs maintain control over where, when, and whose packets traverse their networks. We describe how Platypus can be used to address several well-known issues in wide-area routing at both the edge and the core, and evaluate its performance, security, and interactions with existing protocols. Our results show that incremental deployment of Platypus can achieve immediate gains.
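To make the mechanism the abstract outlines concrete (a capability that attests to policy compliance at one hop, composition of per-AS capabilities into a multi-AS route, and delegation to a third party), the following Python is an added example written for this page. It is not Platypus's code, wire format, or key-management scheme. It assumes that each AS holds a secret key, that a capability is an HMAC-derived key bound to (AS, waypoint, expiry, principal), that each packet carries a per-hop tag which the AS recomputes from its own secret without any per-user state, and that delegation derives a sub-key that can only narrow the original grant; the ASNs, addresses, secrets, and payload are constructed.

```python
"""Constructed illustration of hop-by-hop network capabilities: an AS-held
secret, per-capability keys, composition across ASes, and holder-side
delegation by key derivation. Not Platypus's actual format or protocol."""
import hashlib
import hmac
import struct

# Constructed sample secrets for two private-use ASNs (RFC 5398 range).
AS_SECRETS = {
    64496: hashlib.sha256(b"constructed secret for AS64496").digest(),
    64497: hashlib.sha256(b"constructed secret for AS64497").digest(),
}
TAG_LEN = 16  # truncated HMAC-SHA256 per-packet tag (assumed length)


def _enc(*parts: str) -> bytes:
    """Length-prefix each field so different field splits never collide."""
    out = b""
    for p in parts:
        b = p.encode()
        out += struct.pack(">H", len(b)) + b
    return out


def issue_capability(asn: int, waypoint: str, expiry: int, principal: str) -> bytes:
    """AS side: the capability is a key bound to (AS, waypoint, expiry, principal)."""
    msg = _enc(str(asn), waypoint, str(expiry), principal)
    return hmac.new(AS_SECRETS[asn], msg, hashlib.sha256).digest()


def delegate(cap_key: bytes, delegatee: str, expiry: int) -> bytes:
    """Holder side, no AS contact: derive a sub-key bound to a delegatee and a new expiry."""
    return hmac.new(cap_key, _enc("delegate", delegatee, str(expiry)), hashlib.sha256).digest()


def _hop_msg(hop: dict, body: bytes) -> bytes:
    """Everything the hop's tag covers: the policy fields, any delegation, and the payload."""
    deleg = hop.get("delegation")
    return _enc(str(hop["asn"]), hop["waypoint"], str(hop["expiry"]), hop["principal"],
                deleg[0] if deleg else "", str(deleg[1]) if deleg else "") + body


def stamp(hop: dict, key: bytes, body: bytes) -> dict:
    """Sender side: attach a per-packet tag under the hop's (possibly delegated) key."""
    hop = dict(hop)
    hop["tag"] = hmac.new(key, _hop_msg(hop, body), hashlib.sha256).digest()[:TAG_LEN]
    return hop


def verify_hop(asn: int, hop: dict, body: bytes, now: int) -> bool:
    """Router in `asn`: recompute the capability key from the AS secret and check the tag."""
    if hop["asn"] != asn or now >= hop["expiry"]:
        return False
    key = issue_capability(asn, hop["waypoint"], hop["expiry"], hop["principal"])
    deleg = hop.get("delegation")
    if deleg:
        delegatee, d_expiry = deleg
        if d_expiry > hop["expiry"] or now >= d_expiry:  # delegation may only narrow the grant
            return False
        key = delegate(key, delegatee, d_expiry)
    expected = hmac.new(key, _hop_msg(hop, body), hashlib.sha256).digest()[:TAG_LEN]
    return hmac.compare_digest(expected, hop["tag"])


def forward(route: list, body: bytes, now: int) -> list:
    """Walk a composed route; each AS checks only its own hop. Returns the accepted waypoints."""
    path = []
    for i, hop in enumerate(route):
        if not verify_hop(hop["asn"], hop, body, now):
            raise PermissionError(f"hop {i} rejected by AS{hop['asn']}")
        path.append((hop["asn"], hop["waypoint"]))
    return path


def demo(now: int = 1_000_000) -> dict:
    """Constructed scenario: a two-AS route, a delegated hop, and three policy violations."""
    body = b"constructed payload"
    hop_a = {"asn": 64496, "waypoint": "192.0.2.1", "expiry": now + 3600, "principal": "alice"}
    hop_b = {"asn": 64497, "waypoint": "198.51.100.1", "expiry": now + 3600, "principal": "alice"}
    k_a, k_b = issue_capability(**hop_a), issue_capability(**hop_b)
    out = {"composed": forward([stamp(hop_a, k_a, body), stamp(hop_b, k_b, body)], body, now)}
    # alice delegates her AS64497 capability to bob for ten minutes; bob stamps with the sub-key.
    hop_b_bob = dict(hop_b, delegation=("bob", now + 600))
    k_bob = delegate(k_b, "bob", now + 600)
    out["delegated"] = forward([stamp(hop_a, k_a, body), stamp(hop_b_bob, k_bob, body)], body, now)
    out["rejected"] = []
    cases = [
        ("tampered waypoint",
         [dict(stamp(hop_b, k_b, body), waypoint="203.0.113.9")], now),
        ("delegation beyond expiry",
         [stamp(dict(hop_b, delegation=("bob", now + 7200)),
                delegate(k_b, "bob", now + 7200), body)], now),
        ("delegation window passed", [stamp(hop_b_bob, k_bob, body)], now + 601),
    ]
    for label, route, t in cases:
        try:
            forward(route, body, t)
        except PermissionError:
            out["rejected"].append(label)
    return out


if __name__ == "__main__":
    print(demo())
```

The point to notice is that the AS never stores anything per user: it recomputes the capability key from its own secret and the fields the packet carries, so a forged or altered field simply yields a different key and the tag fails. Delegation works the same way, one HMAC deeper, and the AS enforces that a delegate's window cannot exceed the original grant. Replay protection, revocation before expiry, and AS key rollover are deliberately left out of this sketch; a deployable design has to address all three.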



Published in

ACM SIGCOMM Computer Communication Review, Volume 34, Issue 4, October 2004, 385 pages. ISSN: 0146-4833. DOI: 10.1145/1030194

SIGCOMM '04: Proceedings of the 2004 conference on Applications, technologies, architectures, and protocols for computer communications, August 2004, 402 pages. ISBN: 1581138628. DOI: 10.1145/1015467

Copyright © 2004 ACM

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from permissions@acm.org.

Publisher: Association for Computing Machinery, New York, NY, United States
