Date of Original Version

12-28-2010

Type

Technical Report

Abstract or Table of Contents

We present the first Internet architecture designed for control and isolation. We propose to separate ASes into groups of independent routing sub-planes which then in-terconnect to form complete routes. Our architecture, SCI-FI, provides superior resilience and security properties as an intrinsic consequence of good design principles, without needing additional add-on protocols or external checks to provide resilience. Our security analysis shows that SCI-FI can naturally prevent several long-standing security plagues to existing interdomain routing protocols even with their semantics perfectly secured. Our evaluation results further demonstrate SCI-FI’s routing efficiency, path expressiveness, and substantial reliability improvements over existing (secured) routing protocols in the presence of malicious attacks.

Comments

CMU-CyLab-10-020

Share

COinS