語系:
繁體中文
English
說明(常見問題)
回圖書館首頁
手機版館藏查詢
登入
回首頁
切換:
標籤
|
MARC模式
|
ISBD
Towards securing interdomain routing...
~
Princeton University.
FindBook
Google Book
Amazon
博客來
Towards securing interdomain routing on the Internet.
紀錄類型:
書目-電子資源 : Monograph/item
正題名/作者:
Towards securing interdomain routing on the Internet./
作者:
Goldberg, Sharon.
面頁冊數:
215 p.
附註:
Advisers: Jennifer Rexford; Boaz Barak.
Contained By:
Dissertation Abstracts International70-09B.
標題:
Computer Science. -
電子資源:
http://pqdd.sinica.edu.tw/twdaoapp/servlet/advanced?query=3374797
ISBN:
9781109376272
Towards securing interdomain routing on the Internet.
Goldberg, Sharon.
Towards securing interdomain routing on the Internet.
- 215 p.
Advisers: Jennifer Rexford; Boaz Barak.
Thesis (Ph.D.)--Princeton University, 2009.
The Internet consists of multiple autonomous systems (ASes), each consisting of networks of devices that are prone to malfunction, misconfiguration, or attack by malicious parties, and each controlled by profit-seeking businesses with different economic goals. Despite these complex relationships, the interdomain routing system (that allows ASes to communicate over the global Internet) currently operates under the assumption that all nodes in the network can trust each other. The thesis contributes to the body of works that seeks to remedy this, by considering network protocols that operate correctly even in the presence of adversarial or selfish behavior.
ISBN: 9781109376272Subjects--Topical Terms:
626642
Computer Science.
Towards securing interdomain routing on the Internet.
LDR
:03969nmm 2200301 a 45
001
866782
005
20100802
008
100802s2009 ||||||||||||||||| ||eng d
020
$a
9781109376272
035
$a
(UMI)AAI3374797
035
$a
AAI3374797
040
$a
UMI
$c
UMI
100
1
$a
Goldberg, Sharon.
$3
1035452
245
1 0
$a
Towards securing interdomain routing on the Internet.
300
$a
215 p.
500
$a
Advisers: Jennifer Rexford; Boaz Barak.
500
$a
Source: Dissertation Abstracts International, Volume: 70-09, Section: B, page: .
502
$a
Thesis (Ph.D.)--Princeton University, 2009.
520
$a
The Internet consists of multiple autonomous systems (ASes), each consisting of networks of devices that are prone to malfunction, misconfiguration, or attack by malicious parties, and each controlled by profit-seeking businesses with different economic goals. Despite these complex relationships, the interdomain routing system (that allows ASes to communicate over the global Internet) currently operates under the assumption that all nodes in the network can trust each other. The thesis contributes to the body of works that seeks to remedy this, by considering network protocols that operate correctly even in the presence of adversarial or selfish behavior.
520
$a
We take a principled approach to analyze the types of security guarantees that are possible within the engineering and economic constraints of the Internet's interdomain routing system. We focus exclusively on protocols that can be used to improve availability in the Internet, i.e., to increase the likelihood that packets arrive uncorrupted at their correct destination, and analyze two broad themes: (1) Which part of the system should be secured? (2) What is the right tradeoff between security and efficiency? To address these questions, we consider securing the following two parts of the system: the routing protocols, used to set up paths through the Internet, and the data-plane mechanisms, used to forward packets along the paths set up by the routing protocols. (1) We start with a game-theoretic analysis that shows that even the strongest known secure routing protocol is not sufficient to prevent selfish ASes from lying about the paths that data packets take through the network. We then find sufficient conditions that ensure that ASes will not lie. Unfortunately, these conditions are highly unrealistic, and so we conclude that ASes may have an incentive to lie about paths, and thus potentially forward their customer's traffic via paths that drop or corrupt packets. (2) We next consider secure data-plane mechanisms. We use novel cryptographic and data-streaming approaches to design lightweight protocols that detect packet loss and corruption on a path through the network, even when some nodes on the path are adversarial. Our protocols allow a sender and receiver to securely monitor billions of packets using only a few hundred bytes of storage and a pair of comparably sized control packets. (3) Finally, we take the security guarantees above even further, by considering protocols that also localize an adversarial node that drops or corrupts packets. We use cryptographic proof techniques to design new protocols and argue that any secure localization protocol requires the participation of every node on the path. This requirement is considered severe in the setting of interdomain routing, where each node is owned by independent economic entity, with little incentive to participate in the localization protocol. Our results have implications on the design of high-performance network architectures that can withstand selfish and adversarial behavior.
590
$a
School code: 0181.
650
4
$a
Computer Science.
$3
626642
650
4
$a
Web Studies.
$3
1026830
690
$a
0646
690
$a
0984
710
2
$a
Princeton University.
$3
645579
773
0
$t
Dissertation Abstracts International
$g
70-09B.
790
$a
0181
790
1 0
$a
Barak, Boaz,
$e
advisor
790
1 0
$a
Rexford, Jennifer,
$e
advisor
791
$a
Ph.D.
792
$a
2009
856
4 0
$u
http://pqdd.sinica.edu.tw/twdaoapp/servlet/advanced?query=3374797
筆 0 讀者評論
館藏地:
全部
電子資源
出版年:
卷號:
館藏
1 筆 • 頁數 1 •
1
條碼號
典藏地名稱
館藏流通類別
資料類型
索書號
使用類型
借閱狀態
預約狀態
備註欄
附件
W9078131
電子資源
11.線上閱覽_V
電子書
EB W9078131
一般使用(Normal)
在架
0
1 筆 • 頁數 1 •
1
多媒體
評論
新增評論
分享你的心得
Export
取書館
處理中
...
變更密碼
登入