An Authenticated Policy-Compliant Routing

  IJCOT-book-cover
 
International Journal of Computer Trends and Technology (IJCTT)          
 
© - Issue 2011 by IJCTT Journal
Volume-2 Issue-2                           
Year of Publication : 2011
Authors :Tatarao Dagani.

MLA

Tatarao Dagani. "An Authenticated Policy-Compliant Routing"International Journal of Computer Trends and Technology (IJCTT),V2(2):616-621 Issue 2011 .ISSN 2231-2803.www.ijcttjournal.org. Published by Seventh Sense Research Group.

Abstract: - In today’s Internet, inter-domain route control remains elusive; nevertheless, such control could improve the performance, reliability, and utility of the network for end users and ISPs alike. While researchers have proposed a number of source routing techniques to combat this limitation, there has thus far been no way for independent ASes to ensure that such traffic does not circumvent local traffic policies, nor to accurately determine the correct party to charge for forwarding the traffic. We present Platypus, an authenticated source routing system built around the concept of network capabilities, which allow for accountable, fine-grained path selection by cryptographically attesting to policy compliance at each hop along a source route. Capabilities can be composed to construct routes through multiple ASes and can be delegated to third parties. Platypus caters to the needs of both end users and ISPs: users gain the ability to pool their resources and select routes other than the default, while ISPs maintain control over where, when, and whose packets traverse their networks. We describe the design and implementation of an extensive Platypus policy framework that can be used to address several issues in wide-area routing at both the edge and the core, and evaluate its performance and security. Our results show that incremental deployment of Platypus can achieve immediate gains.

References-

[1] S. Agarwal, C.-N. Chuah, and R. H. Katz, “OPCA: Robust interdomain policy routing and traffic control,” in Proc. IEEE OPENARCH, Apr. 2003, pp. 55–64.
[2] M. K. Aguilera, M. Ji, M. Lillibridge, J. MacCormick, E. Oertli, D. G. Andersen, M. Burrows, T. Mann, and C. A. Thekkath, “Block-level security for network-attached disks,” in Proc. USENIX FAST, Apr. 2003.
[3] D. G. Andersen, “Mayday: Distributed filtering for Internet services,” in Proc. USITS, Mar. 2003.
[4] D. G. Andersen, H. Balakrishnan, M. F. Kaashoek, and R. T. Morris, “Resilient overlay networks,” in Proc. ACM SOSP, Oct. 2001.
[5] R. Atkinson, “Security architecture for the Internet protocol,” in IETF, RFC 1825, Aug. 1995.
[6] H. Balakrishnan, V. N. Padmanabhan, and R. H. Katz, “The effects of asymmetry on TCP performance,” in Proc. ACM Mobicom, Sep. 1997.
[7] M. Bellare, R. Canetti, and H. Krawczyk, “Pseudorandom functions revisited: the cascade construction and its concrete security,” in Proc. IEEE FOCS, 1996, pp. 514–523.

Keywords— Authentication, capabilities, overlay networks, source routing.