2 options
Protecting the integrity of internet routing : border gateway protocol (BGP) route origin validation / William Haag [and three others].
- Format:
- Book
- Government document
- Author/Creator:
- Haag, William, author.
- Series:
- NIST special publication ; 1800-14.
- NIST special publication ; 1800-14
- Language:
- English
- Subjects (All):
- BGP (Computer network protocol).
- Denial of service attacks.
- Internet service providers.
- internet service providers.
- Genre:
- technical reports.
- Technical reports
- Technical reports.
- Physical Description:
- 1 online resource (257 pages) : color illustrations
- Place of Publication:
- Gaithersburg, MD : National Institute of Standards and Technology, U.S. Department of Commerce, National Cybersecurity Center of Excellence, 2019.
- Summary:
- The Border Gateway Protocol (BGP) is the default routing protocol to route traffic among internet domains. While BGP performs adequately in identifying viable paths that reflect local routing policies and preferences to destinations, the lack of built-in security allows the protocol to be exploited by route hijacking. Route hijacking occurs when an entity accidentally or maliciously alters an intended route. Such attacks can (1) deny access to internet services, (2) detour internet traffic to permit eavesdropping and to facilitate on-path attacks on end points (sites), (3) misdeliver internet network traffic to malicious end points, (4) undermine internet protocol (IP) address-based reputation and filtering systems, and (5) cause routing instability in the internet. This document describes a security platform that demonstrates how to improve the security of inter-domain routing traffic exchange. The platform provides route origin validation (ROV) by using the Resource Public Key Infrastructure (RPKI) in a manner that mitigates some misconfigurations and malicious attacks associated with route hijacking. The example solutions and architectures presented here are based upon standards-based, open-source, and commercially available products.
- Contents:
- volume A. Executive summary
- volume B. Approach, architecture, and security characteristics
- volume C. How-to guides.
- Notes:
- "June 2019."
- Includes bibliographical references.
- Online resource; title from PDF title page (viewed June 24, 2019).
- OCLC:
- 1107700562
The Penn Libraries is committed to describing library materials using current, accurate, and responsible language. If you discover outdated or inaccurate language, please fill out this feedback form to report it and suggest alternative language.