On Interdomain Routing Security and Pretty Secure BGP (psBGP)
It is well-known that the Border Gateway Protocol (BGP), the IETF standard inter-domain routing protocol, is vulnerable to a variety of attacks, and that a single mis-configured or malicious BGP speaker could result in large scale service disruption. In this paper, the authors present pretty secure BGP (psBGP) - a proposal for securing BGP, including an architectural overview, design details for significant aspects, and preliminary security and operational analysis. psBGP differs from other security proposals (e.g., S-BGP and soBGP) in that it makes use of a single-level PKI for AS number authentication, a decentralized trust model for verifying the propriety of IP prefix origin, and a rating-based stepwise approach for AS PATH (integrity) verification.
Provided by: Association for Computing Machinery Topic: Security Date Added: Jul 2007 Format: PDF