東華大學圖書館 |

Language: English

Help

回圖書館首頁

手機版館藏查詢

Back

Switch To: Labeled | MARC Mode | ISBD

Towards securing interdomain routing...

Princeton University.

Linked to FindBook

Google Book

Amazon

博客來

Towards securing interdomain routing on the Internet.

Record Type:	Electronic resources : Monograph/item
Title/Author:	Towards securing interdomain routing on the Internet./
Author:	Goldberg, Sharon.
Description:	215 p.
Notes:	Advisers: Jennifer Rexford; Boaz Barak.
Contained By:	Dissertation Abstracts International70-09B.
Subject:	Computer Science. -
Online resource:	http://pqdd.sinica.edu.tw/twdaoapp/servlet/advanced?query=3374797
ISBN:	9781109376272

Towards securing interdomain routing on the Internet.
Goldberg, Sharon.

Towards securing interdomain routing on the Internet. - 215 p.

Advisers: Jennifer Rexford; Boaz Barak.

Thesis (Ph.D.)--Princeton University, 2009.

The Internet consists of multiple autonomous systems (ASes), each consisting of networks of devices that are prone to malfunction, misconfiguration, or attack by malicious parties, and each controlled by profit-seeking businesses with different economic goals. Despite these complex relationships, the interdomain routing system (that allows ASes to communicate over the global Internet) currently operates under the assumption that all nodes in the network can trust each other. The thesis contributes to the body of works that seeks to remedy this, by considering network protocols that operate correctly even in the presence of adversarial or selfish behavior.

ISBN: 9781109376272Subjects--Topical Terms:

626642
Computer Science.

Towards securing interdomain routing on the Internet.
LDR:03969nmm 2200301 a 45 001 866782
005 20100802
008 100802s2009 ||||||||||||||||| ||eng d
020 $a 9781109376272
035 $a (UMI)AAI3374797
035 $a AAI3374797
040 $a UMI $c UMI
100 1 $a Goldberg, Sharon. $3 1035452
245 1 0 $a Towards securing interdomain routing on the Internet.
300 $a 215 p.
500 $a Advisers: Jennifer Rexford; Boaz Barak.
500 $a Source: Dissertation Abstracts International, Volume: 70-09, Section: B, page: .
502 $a Thesis (Ph.D.)--Princeton University, 2009.
520 $a The Internet consists of multiple autonomous systems (ASes), each consisting of networks of devices that are prone to malfunction, misconfiguration, or attack by malicious parties, and each controlled by profit-seeking businesses with different economic goals. Despite these complex relationships, the interdomain routing system (that allows ASes to communicate over the global Internet) currently operates under the assumption that all nodes in the network can trust each other. The thesis contributes to the body of works that seeks to remedy this, by considering network protocols that operate correctly even in the presence of adversarial or selfish behavior.
520 $a We take a principled approach to analyze the types of security guarantees that are possible within the engineering and economic constraints of the Internet's interdomain routing system. We focus exclusively on protocols that can be used to improve availability in the Internet, i.e., to increase the likelihood that packets arrive uncorrupted at their correct destination, and analyze two broad themes: (1) Which part of the system should be secured? (2) What is the right tradeoff between security and efficiency? To address these questions, we consider securing the following two parts of the system: the routing protocols, used to set up paths through the Internet, and the data-plane mechanisms, used to forward packets along the paths set up by the routing protocols. (1) We start with a game-theoretic analysis that shows that even the strongest known secure routing protocol is not sufficient to prevent selfish ASes from lying about the paths that data packets take through the network. We then find sufficient conditions that ensure that ASes will not lie. Unfortunately, these conditions are highly unrealistic, and so we conclude that ASes may have an incentive to lie about paths, and thus potentially forward their customer's traffic via paths that drop or corrupt packets. (2) We next consider secure data-plane mechanisms. We use novel cryptographic and data-streaming approaches to design lightweight protocols that detect packet loss and corruption on a path through the network, even when some nodes on the path are adversarial. Our protocols allow a sender and receiver to securely monitor billions of packets using only a few hundred bytes of storage and a pair of comparably sized control packets. (3) Finally, we take the security guarantees above even further, by considering protocols that also localize an adversarial node that drops or corrupts packets. We use cryptographic proof techniques to design new protocols and argue that any secure localization protocol requires the participation of every node on the path. This requirement is considered severe in the setting of interdomain routing, where each node is owned by independent economic entity, with little incentive to participate in the localization protocol. Our results have implications on the design of high-performance network architectures that can withstand selfish and adversarial behavior.
590 $a School code: 0181.
650 4 $a Computer Science. $3 626642
650 4 $a Web Studies. $3 1026830
690 $a 0646
690 $a 0984
710 2 $a Princeton University. $3 645579
773 0 $t Dissertation Abstracts International $g 70-09B.
790 $a 0181
790 1 0 $a Barak, Boaz, $e advisor
790 1 0 $a Rexford, Jennifer, $e advisor
791 $a Ph.D.
792 $a 2009
856 4 0 $u http://pqdd.sinica.edu.tw/twdaoapp/servlet/advanced?query=3374797