SCION: Scalability, Control and Isolation On Next-Generation Networks
Xin Zhang, Hsu-Chun Hsiao, Geoff Hasker, Haowen Chan, Adrian Perrig, David Andersen


Slide 2: The Internet is still unreliable and insecure!
(figure: protocol layer stack: Application, Transport, Network, Data link, Physical)
- Feb 2008: Pakistani ISP hijacks YouTube prefix
- Apr 2010: A Chinese ISP inserts fake routes affecting thousands of US networks
- Nov 2010: 10% of Internet traffic 'hijacked' to Chinese servers due to DNS tampering
Fixes to date are ad hoc patches: S-BGP origin attestation, S-BGP route attestation, DNSSEC, multi-path.
Inconvenient truths:
- S-BGP: delayed convergence
- Global PKI: single root of trust

Slide 3: Limitations of the Current Internet
(figure: ADs A, B, C, D and attacker M announcing "D's prefix here!"; each AD says "Prefer the red path")
- Too little or too much path control by end points
  - Destination has too little control over inbound paths
  - Source has too much control to aggregate DDoS traffic

Slide 4: Limitations of the Current Internet (continued)
- Too little or too much path control by end points
  - Destination has too little control over inbound paths
  - Source has too much control to aggregate DDoS traffic
- Lack of routing isolation
  - A failure/attack can have global effects
  - Global visibility of paths is not scalable
- Lack of route freshness
  - Current (S-)BGP enables replaying of obsolete paths

Slide 5: Related Work
- Routing security: S-BGP, soBGP, psBGP, SPV, PGBGP
- Routing control: Multipath (MIRO, Deflection, Path splicing, Pathlet), NIRA
- Scalable and policy-based routing: HLP, HAIR, RBF
- Secure DNS: DNSSEC
- Source accountability and router accountability: AIP, Statistical FL, PAAI

Slide 6: Wish List (1): Isolation
(figure: independent routing regions; attacker M injecting attacks, e.g., bad routes)
- Localization of attacks
- Mutually distrusting domains, no single root of trust

Slide 7: Wish List (2): Balanced Control
(figure: CMU, PSC, I2, L3 and ADs A, B, C, D; "Hide the peering link from CMU")
- Source, destination, transit ISPs all have path control
- Support rich policies and DDoS defenses

Slide 8: Wish List (3): Explicit Trust
(figure: CMU, PSC, Level 3, I2 and ADs X, Y, Z across the Internet; "Who will forward packets on the path?"; "Go through X and Z, but not Y")
- Know who needs to be trusted
- Enforceable accountability

Slide 9: SCION Architecture Overview
(figure: Source, Destination, TD Core, path server, PCB; AD = administrative domain; S: blue paths, D: red paths)
- Trust domains (TDs): isolation and scalability
- Path construction: scalability
- Path resolution: control, explicit trust
- Route joining (shortcuts): efficiency, flexibility

Slide 10: Logical Decomposition
- Split the network into a set of trust domains (TDs)
- TD: isolation of route computation
- TD cores: interconnected Tier-1 ADs (ISPs)
(figure: Source and Destination joined through the core by up-paths and down-paths)

Slide 11: Path Construction Beacons (PCBs)
(figure: TD Core, then ADs A and B; the PCB is embedded into packets)
Each opaque field carries: interface, expiration time, signature. Per-hop constructions as written on the slide (operands not captured in the transcript):
  opaque field = || MAC( || )
  signature = SIG( || || || )
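The per-hop construction on this slide, worked through as an added example in Go. This is not code from the paper or the SCION project, and the slide's MAC and SIG operands are not reproduced: the example assumes an opaque field of ingress interface, egress interface and expiration time, an HMAC-SHA256 under each AD's own secret key chained to the previous hop's MAC, and an Ed25519 signature by each AD over the TD core identifier, every earlier hop and its own opaque field. VerifyPCB is the control-plane check a path server or destination would run on a received beacon; VerifyHop is the data-plane check an AD's own router would run on a packet, and the scenario shows a rewritten egress interface, an expired field and a field presented to the wrong AD all being rejected.

```go
package main

import (
	"crypto/ed25519"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"fmt"
)

// AD is an autonomous domain (constructed). MACKey is known only to its own
// routers; SignKey's public half is known throughout the trust domain (TD).
type AD struct {
	Name    string
	MACKey  []byte
	SignKey ed25519.PrivateKey
}

// OpaqueField is one AD's forwarding entry; the layout is an assumption of this example.
type OpaqueField struct {
	Ingress, Egress uint16 // interfaces a packet enters and leaves on
	Expiry          uint32 // Unix time after which the field is rejected
	MAC             []byte // HMAC under MACKey: only the issuing AD can create or check it
}

// Hop is one AD's contribution to a beacon; PCB is the beacon accumulated from the TD core.
type Hop struct {
	AD  string
	OF  OpaqueField
	Sig []byte
}
type PCB struct {
	TDCore string
	Hops   []Hop
}

// NewAD makes fresh keys (constructed; real keys would come from the TD's PKI).
func NewAD(name string) AD {
	mk := make([]byte, 32)
	rand.Read(mk)
	_, sk, _ := ed25519.GenerateKey(rand.Reader)
	return AD{Name: name, MACKey: mk, SignKey: sk}
}

// ofPlain serialises the MAC-covered fields (everything except the MAC itself).
func ofPlain(of OpaqueField) []byte {
	b := make([]byte, 8)
	binary.BigEndian.PutUint16(b[0:2], of.Ingress)
	binary.BigEndian.PutUint16(b[2:4], of.Egress)
	binary.BigEndian.PutUint32(b[4:8], of.Expiry)
	return b
}

// ofMAC binds this hop to the previous one: HMAC(own key, fields || previous hop's MAC).
func ofMAC(ad AD, of OpaqueField, prevMAC []byte) []byte {
	m := hmac.New(sha256.New, ad.MACKey)
	m.Write(ofPlain(of))
	m.Write(prevMAC)
	return m.Sum(nil)
}

// signedBytes is what hop number upto signs: the TD core, every earlier hop in full,
// and its own opaque field (assumed coverage; the slide's SIG operands are not shown).
func signedBytes(pcb PCB, upto int, of OpaqueField) []byte {
	msg := []byte(pcb.TDCore)
	for _, h := range pcb.Hops[:upto] {
		msg = append(append(append(append(msg, h.AD...), ofPlain(h.OF)...), h.OF.MAC...), h.Sig...)
	}
	return append(append(msg, ofPlain(of)...), of.MAC...)
}

// Extend is what an AD does with a received PCB: append its own opaque field,
// sign the beacon so far, and forward the result towards its customers.
func Extend(pcb PCB, ad AD, ingress, egress uint16, expiry uint32) PCB {
	of := OpaqueField{Ingress: ingress, Egress: egress, Expiry: expiry}
	var prev []byte
	if n := len(pcb.Hops); n > 0 {
		prev = pcb.Hops[n-1].OF.MAC
	}
	of.MAC = ofMAC(ad, of, prev)
	sig := ed25519.Sign(ad.SignKey, signedBytes(pcb, len(pcb.Hops), of))
	hops := append(append([]Hop{}, pcb.Hops...), Hop{AD: ad.Name, OF: of, Sig: sig})
	return PCB{TDCore: pcb.TDCore, Hops: hops}
}

// VerifyPCB is the control-plane check a path server or destination runs before
// trusting a down-path: each hop's signature must cover the whole beacon before it.
func VerifyPCB(pcb PCB, pub map[string]ed25519.PublicKey) bool {
	for i, h := range pcb.Hops {
		if pk, ok := pub[h.AD]; !ok || !ed25519.Verify(pk, signedBytes(pcb, i, h.OF), h.Sig) {
			return false
		}
	}
	return true
}

// VerifyHop is the data-plane check an AD's router runs on a packet's opaque field:
// the field is unexpired and its MAC verifies under this AD's own key.
func VerifyHop(ad AD, of OpaqueField, prevMAC []byte, now uint32) bool {
	return now <= of.Expiry && hmac.Equal(of.MAC, ofMAC(ad, of, prevMAC))
}

// RunScenario builds a core -> A -> B beacon and exercises both checks.
func RunScenario() map[string]bool {
	core, a, b := NewAD("core"), NewAD("A"), NewAD("B")
	pub := map[string]ed25519.PublicKey{}
	for _, ad := range []AD{core, a, b} {
		pub[ad.Name] = ad.SignKey.Public().(ed25519.PublicKey)
	}
	const exp uint32 = 1700000000 // constructed expiration time
	pcb := Extend(PCB{TDCore: "TD-example"}, core, 0, 1, exp)
	pcb = Extend(pcb, a, 3, 7, exp)
	pcb = Extend(pcb, b, 2, 5, exp)
	res := map[string]bool{"chain_valid": VerifyPCB(pcb, pub)}
	// A's egress interface rewritten in transit: A's signature, and B's (which covers A's hop), fail.
	t := PCB{TDCore: pcb.TDCore, Hops: append([]Hop{}, pcb.Hops...)}
	t.Hops[1].OF.Egress = 9
	res["tampered_chain_rejected"] = !VerifyPCB(t, pub)
	// Data plane at A's router, which holds only A's MAC key.
	prev := pcb.Hops[0].OF.MAC
	res["hop_valid"] = VerifyHop(a, pcb.Hops[1].OF, prev, exp-1)
	res["hop_tampered_rejected"] = !VerifyHop(a, t.Hops[1].OF, prev, exp-1)
	res["hop_expired_rejected"] = !VerifyHop(a, pcb.Hops[1].OF, prev, exp+1)
	res["wrong_ad_rejected"] = !VerifyHop(b, pcb.Hops[1].OF, prev, exp-1)
	return res
}

func main() { fmt.Println(RunScenario()) }
```

The chaining of each MAC to the previous hop's MAC is what makes an opaque field usable only in the position the beacon gave it: a router recomputes the MAC with its own key, so no other AD can mint or alter the field, and the expiration time is what gives the slide's route freshness, since a replayed beacon carries fields that stop verifying once they expire.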

Slide 12: SCION Security Benefits
(comparison table; the check/cross marks in the first five rows were not captured)

                               S-BGP etc.            SCION
Isolation
Scalability, freshness
Path replay attack
Collusion attack
Single root of trust
Trusted Computing Base         Whole Internet        TD Core and on-path ADs
Path control: source           End-to-end control    Only up-path
Path control: destination      No control            Inbound paths
DDoS                           Open attacks          Enable defenses

Slide 13: Performance Benefits
- Scalability: routing updates are scoped within the local TD
- Flexibility: transit ISPs can embed local routing policies in opaque fields
- Simplicity and efficiency: no inter-domain forwarding table

Slide 14: Evaluation Methodology
- Use of CAIDA topology information
- Assume 5 TDs (AfriNIC, ARIN, APNIC, LACNIC, RIPE)
- We compare to S-BGP/BGP

Slide 15: Performance Evaluation
- Additional path length (AD hops) compared to BGP
  - Without shortcuts: 21% longer
  - With shortcuts:
    - 1 down/up-path: 6.7%
    - 2 down/up-paths: 3.5%
    - 5 down/up-paths: 2.5%

Slide 16: Policy Expressiveness Evaluation
- Fraction of BGP paths available under SCION, reflecting SCION's expressiveness of BGP policies

Slide 17: Security Evaluation
- Resilience against routing and data-plane attacks
- Malicious ADs announce bogus links between each other
(figure: plot comparing SCION and S-BGP)

Slide 18: Conclusions
- Basic architecture design for a next-generation network that emphasizes isolation, control and explicit trust
- Highly efficient, scalable, available architecture
- Enables numerous additional security mechanisms, e.g., network capabilities
(figure: protocol layer stack: Application, Transport, Network, Data link, Physical)

Slide 19: Questions? (Xin Zhang)
