Accession Number:

ADA386575

Title:

Secure Border Gateway Protocol and the External Routing Intrusion Detection System

Descriptive Note:

Final technical rept. Jun 1998-Dec 1999

Corporate Author:

BBN TECHNOLOGIES CAMBRIDGE MA

Personal Author(s):

Report Date:

2000-09-01

Pagination or Media Count:

92.0

Abstract:

The Border Gateway Protocol BGP, which is used to distribute routing information between autonomous systems ASes, is a critical component of the Internets routing infrastructure. It is highly vulnerable to a variety of malicious attacks due to the lack of a secure means of verifying the authenticity and legitimacy of BGP control traffic. The Secure BGP projects designed a secure, scalable, deployable architecture S-BGP for an authorization and authentication system that addresses most of the security problems associated with BGP. This contract final report includes the following documents concerning S-BGP Lessons Learned from the Secure BGP Proof-of-Concept Implementation Secure Border Gateway Protocol S-BGP Design and Analysis of the Secure Border Gateway Protocol S-BGP. The last two items discuss the vulnerabilities and security requirements associated with BGP, describe the S-BGP countermeasures, and explain how they address these vulnerabilities and requirements. In addition, the papers provide a comparison of this architecture with other approaches that have been proposed, analyze the performance implications of the proposed countermeasures, and address operational issues.

Subject Categories:

  • Computer Systems
  • Computer Systems Management and Standards

Distribution Statement:

APPROVED FOR PUBLIC RELEASE