Date of Original Version

12-28-2010

Type

Technical Report

Abstract or Description

We present the first Internet architecture designed for control and isolation. We propose to separate ASes into groups of independent routing sub-planes which then in-terconnect to form complete routes. Our architecture, SCI-FI, provides superior resilience and security properties as an intrinsic consequence of good design principles, without needing additional add-on protocols or external checks to provide resilience. Our security analysis shows that SCI-FI can naturally prevent several long-standing security plagues to existing interdomain routing protocols even with their semantics perfectly secured. Our evaluation results further demonstrate SCI-FI’s routing efficiency, path expressiveness, and substantial reliability improvements over existing (secured) routing protocols in the presence of malicious attacks.

Comments

CMU-CyLab-10-020

Share

COinS