期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

基于身份的BGP路径验证机制 被引量:1

BGP Path Verification Mechanism Based on ID
下载PDF
导出
摘要 边界网关协议(BGP)因设计缺陷易受到各种类型的攻击。然而,当前BGP路径验证机制中繁重复杂的公钥基础设施(PKI)密钥管理和过量的存储空间开销严重阻碍了BGP安全方案在实际中部署实现。基于此,该文将基于身份的签名算法引入路径验证,提出了一个基于身份的路径验证机制(IDPV)。与当前基于证书的路径验证机制相比,IDPV有效地简化了PKI密钥管理,减少了路由器存储开销,提高了路径验证的性能,促进了BGP安全方案在实际中的应用。 The border gateway protocol(BGP) is vulnerable to various attacks for previous design limitations. However, the heavy and complicated public key infrastructure (PKI) key management and too much storage space cost in current BGP path verification mechanisms severely block BGP security solutions from being implemented and deployed in real world. For the first time the ID-based signature scheme is introduced into BGP path verification, and so the ID-based path verification mechanism(IDPV) is proposed. Compared with current certificate-based path verification mechanisms, IDPV effectively simplifies PKI key management and reduces router's storage space cost, improves path verification performance. The BGP secure solution with IDPV will be more easily realized and deployed in Interuet.
作者 王娜 顾纯祥 汪斌强
机构地区 国家数字交换系统工程技术研究中心 解放军信息工程大学信息工程学院
出处 《计算机工程》 CAS CSCD 北大核心 2007年第17期34-36,共3页 Computer Engineering
基金 国家"863"计划基金
关键词 路由 安全 BGP 路径验证 基于身份的密码学 route security BGP path verification identity-based cryptography
分类号 TP393 [自动化与计算机技术—计算机应用技术]
  • 相关文献

参考文献7

  • 1Murphy S.BGP Security Vulnerabilities Analysis[Z].Internet Draft,2004.
  • 2Paterson K G.ID-based Signatures from Pairings on Elliptic Curves[Z].(2006-07-17).http://eprint.iacr.org/2002/004.
  • 3Cha J,Cheon J.An Identity-based Signature from Gap Diffie-Hellman Groups[C]//Proceedings of the PKC'03.2003:18-30.
  • 4Hess F.Efficient Identity Based Signature Schemes Based on Pairings[C]//Proc.of Conference on Selected Areas in Cryptography-SAC'02.Springer-Verlag,2002:310-324.
  • 5Kent S,Lynn C,Seo K.Secure Border Gateway Protocol (S-BGP)[J].IEEE Journal on Selected Areas in Communications,2000,18(4):582-592.
  • 6Zhao M,Smith S W,Nicol D.Aggregated Path Authentication for Efficient BGP Security[C]//Proceedings of the 12th ACM Conference on Computer and Communications Security.2005-11.
  • 7Weekly Routing Table Report,NANOGArchive[Z].(2006-07-17).http:// www.merit.edu/mail.archives/nanog/.

同被引文献18

  • 1Rekhter Y, Li T, and Hares S. A Border Gateway Protocol 4 (BGP-4)[S]. RFC 4271, 2006.
  • 2Butler K, Farley T, and McDaniel P. A survey of BGP security issues and solutions[J]. Proceedings of IEEE, 2010, 98(1): 100 -122.
  • 3Huston G, Rossi M, and Armitage G. Security BGP-A literature survey[J]. IEEE Communications Surveys and Tutorials, 2011, 13(2): 199-222.
  • 4Kent S, Lynn C, and Seo K. Secure Border Gateway Protocol(S-BGP)[J].IEEE Journal on Selected Areas in Communications, 2000, 18(4): 582-592.
  • 5White R. Securing BGP through secure origin BGP[J]. Internet Protocol Journal, 2003, 6(3): 15-22.
  • 6Kranankis E, Wan T, and Oorschot P C. On interdomain routing security and pretty secure BGP(psBGP)[J]. ACM Transactions on Information and System Security, 2007,10(3): 1-41.
  • 7Cazenave I O, Kosluk E, and Ganiz M C. An anomaly detection framework for BGP[C]. Innovations in Intelligent Systems and Applications (INISTA), Istanbul, Turkey, 2011: 107-111.
  • 8Karlin J, Forrest S, and Rexford J. Pretty good BGP: improving BGP by cautiously adopting routes[C]. Proceedings of the IEEE International Conference on Network Protocols, Santa Barbara, California, USA, 2006: 290-299.
  • 9OpenSSL: the open source toolkit for SSL/TLS[EB/OL]. http://www.openssl.org/, 2012.
  • 10The network simulator's2[EB/OL], http://www.isi.edu/ nsnam/ns/, 2012.

引证文献1

二级引证文献3

计算机工程
2007年 第17期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部