The smooth functioning of the Internet relies on routing, the component that determines feasible paths for data to flow from a source to a destination.
Computers on the Internet depend on routing information in order to be able to discover and communicate with each other. Currently, the Internet routing infrastructure is intolerably frail due to many shortcomings.
It is commonly misconfigured, has considerable weak security properties and becomes hard to manage. As a consequence, communication becomes unreliable and unpredictable.
The Border Gateway Protocol (BGP) is the most important protocol on the Internet, and is used to link the multiple networks that make up the Internet. Although it performs well, it suffers from many security weaknesses.
In an article published on SearchSecurity.co.uk (see below for .pdf), two authors examine mechanisms for introducing a measure of security for Border Gateway Protocol (BGP) – Secure-BGP and Secure Origin BGP – comparing their different approaches and suggesting where each of them could be best applied.
Written by Rostom Zouaghi and Stephen Wolthusen and entitled 'Interdomain Routing Security (BGP-4)', the article provides a clear exposition of how routing on the Internet works, and how the two BGP security approaches operate.
Essential reading for anyone with an interest in high-level network security and inter-domain routing, the article is part of our 2009 series featuring the best new MSc theses from graduates of the information security group at Royal Holloway University of London (RHUL).
Read Interdomain Routing Security (BGP-4) (.pdf) by Rostom Zouaghi and Stephen Wolthusen.
SearchSecurity's association with RHUL began last year when we published 12 articles from RHUL's MSc graduates. These were widely appreciated for their new ideas and relevance to security problems. We believe the 2009 series is equally wide-ranging and thought-provoking.