
Research on IP Anycast Secure Group Management

Research on IP Anycast Secure Group Management. Wang Yue wy@net.cs.pku.edu.cn Network & Distribution Lab, Peking University Network Research Workshop 2003 16 th APAN Meetings. List of Topics. Review of IP Anycast Anycast Security Model Anycast Group Characteristics


  1. Research on IP Anycast Secure Group Management Wang Yue wy@net.cs.pku.edu.cn Network & Distribution Lab, Peking University Network Research Workshop 2003 16th APAN Meetings

  2. List of Topics
  • Review of IP Anycast
  • Anycast Security Model
  • Anycast Group Characteristics
  • Secure Anycast Listener Discovery (S-ALD)

  3. Review of IP Anycast
  • An IP service defined in RFC1546 for IPv4, and in RFC2373 for IPv6.
  • Like Multicast, an IP anycast address is assigned to a set of network interfaces.
  • But a packet for an anycast address is forwarded to the "topologically nearest" interface with this address.

  4. Review of IP Anycast (continue)
  • Anycast Group A is identified by its anycast address; each member can also have a unicast address to identify itself.

  5. Review of IP Anycast (continue)
  • Address modification for stateful service
  (anycast address: a1, unicast address: u1)

            dst = a1
    Client ---------------------> Anycast Server
            src = u1
    Client <--------------------- Anycast Server
            dst = u1
    Client ---------------------> Anycast Server
    … …

  6. List of Topics
  • Review of IP Anycast
  • Anycast Security Model
  • Anycast Group Characteristics
  • Secure Anycast Listener Discovery (S-ALD)

  7. Anycast Security Requirements
  • Anyone can announce to the routing system or to clients that it is a member of a certain group. Therefore, anycast is vulnerable to attacks such as masquerading, DoS, etc.
  • "Security Requirements of IPv6 Anycast" (internet draft) lists:
    • Unauthenticated anycast server announcements
    • Source address modification by an anycast server
    • Secure communication between anycast clients and servers

  8. Secure Channel for Anycast
  • We need secure channels between anycast members and the routing system, as well as between members and clients. Certificate-based secure protocols are well suited to this purpose.
  (figure: red lines denote secure channels)

  9. Authorization Scheme
  • IPv6 anycast address format
  • The network prefix defines a topological scope within which all members reside
  • Global IP Anycast (GIA): the prefix is the null prefix
  • Regional IP Anycast (RIA): the prefix is not null
    • AS-inner RIA: the prefix lies inside an AS
    • AS-outer RIA: the prefix does not lie inside any single AS

  10. Authorization Scheme (continue)
  • Three separate authorizations are needed:
    • Assigning an anycast address, e.g. by IANA
    • Entitling group membership to an interface, e.g. by the group owner
    • Admission control for a group member residing in a certain network region or AS, e.g. by the AS

  11. Authorization Scheme (continue)
  • Authorization hierarchy for GIA and AS-outer RIA addresses
  (figure: each color denotes a certificate chain)

  12. Authorization Scheme (continue)
  • Authorization hierarchy for AS-inner RIA addresses
  (figure: considering an anycast address prefix that covers a network inside the AS)

  13. Configuration
  • Group Discoverers need to configure the public key of IANA or of the local address-assigning authority, and the public key used for the admission control certificate.
  • Clients need only configure IANA's public key.
  • After the first successful try, truncation of certificate chains can be used to reduce cost.
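The three-way authorization of slides 10 to 13, as an added illustration that is not code from the presentation: a Group Discoverer admits a join only if the address-assignment, group-membership and AS-admission certificates all verify against its configured keys and the member's unicast interface lies in the AS region. The keys, prefixes, claim format and the HMAC stand-in for certificate signatures are all constructed assumptions.

```python
import hashlib, hmac, ipaddress

# Stand-in for certificate signatures (constructed): an HMAC keyed with the issuer's
# secret. A real deployment verifies public-key certificate chains as the slides say.
def sign(issuer_key: bytes, claim: str) -> str:
    return hmac.new(issuer_key, claim.encode(), hashlib.sha256).hexdigest()

def verify(issuer_key: bytes, claim: str, sig: str) -> bool:
    return hmac.compare_digest(sign(issuer_key, claim), sig)

# Constructed trust configuration of one Group Discoverer (slide 13): the address
# assigner's key (IANA for GIA, a local assigner for RIA), the group owners it
# knows, and the admission-control key and prefix of the AS it serves.
TRUST = {
    "assigner": b"iana-demo-key",
    "owners": {"svc-owner": b"owner-demo-key"},
    "as": {"asn": 64496, "key": b"as64496-demo-key",
           "region": ipaddress.ip_network("2001:db8:1000::/36")},
}

def make_join(anycast, unicast, owner, assigner_key, owner_key, as_key, asn):
    """Member side: bundle the three certificates of slide 10 with a join request."""
    return {
        "anycast": anycast, "unicast": unicast, "owner": owner, "asn": asn,
        "addr_cert": sign(assigner_key, f"addr:{anycast}:owner:{owner}"),
        "member_cert": sign(owner_key, f"member:{unicast}:group:{anycast}"),
        "admit_cert": sign(as_key, f"admit:{unicast}:as:{asn}"),
    }

def check_join(req, trust=TRUST):
    """Group Discoverer side: admit only if all three authorizations verify."""
    anycast, unicast = req["anycast"], req["unicast"]
    # 1. Address assignment: the assigner vouches that this anycast address belongs to the owner.
    if not verify(trust["assigner"], f"addr:{anycast}:owner:{req['owner']}", req["addr_cert"]):
        return "reject: anycast address not assigned to claimed owner"
    # 2. Membership: the owner entitles this unicast interface to join the group.
    owner_key = trust["owners"].get(req["owner"])
    if owner_key is None or not verify(owner_key, f"member:{unicast}:group:{anycast}", req["member_cert"]):
        return "reject: owner did not entitle this interface"
    # 3. Admission: the AS admits this interface, and it really sits in the AS region.
    as_ = trust["as"]
    if req["asn"] != as_["asn"] or not verify(as_["key"], f"admit:{unicast}:as:{req['asn']}", req["admit_cert"]):
        return "reject: no admission from this AS"
    if ipaddress.ip_address(unicast) not in as_["region"]:
        return "reject: member interface outside the AS region"
    return "admit"
```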

  14. List of Topics
  • Review of IP Anycast
  • Anycast Security Model
  • Anycast Group Characteristics
  • Secure Anycast Listener Discovery (S-ALD)

  15. Host-based Anycast using MLD
  • This internet draft proposes to discover anycast members the same way as the Multicast Listener Discovery (MLD) protocol does.
  • A host sends Report or Leave to the adjacent router (i.e. the Group Discoverer) when joining or leaving a group.
  • Group Discoverers periodically send Query to learn the status of adjacent members.

  16. Anycast Group Characteristics
  • Semantically, each anycast group provides a service.
  • Normally, the frequency with which members advertise their joining or leaving a group to Group Discoverers is low.
  • Members should report their status more frequently.
  • The processing delay for joining is not strictly required to be low, as other members can provide the same service.
  • The processing delay for leaving should be as low as possible.
  • Locations of anycast members can be rather limited and stable, so we need not deploy one Group Discoverer at each access border of the routing system. This is both economical and secure.

  17. List of Topics
  • Review of IP Anycast
  • Anycast Security Model
  • Anycast Group Characteristics
  • Secure Anycast Listener Discovery (S-ALD)

  18. Secure Anycast Listener Discovery
  • The scenario (figure)
  • The secure channel between an anycast member and the Group Discoverer is built during the join phase over IPsec, by authenticating the certificates mentioned above.

  19. S-ALD Features
  • Members report actively, not driven by a Query
    • Network bursts are largely reduced
    • Members and Group Discoverers need not be on the same link
  • Group Discoverers should record the status of registered members
    • For the sake of secure sessions
    • Other information, e.g. members' load, may be useful for anycast route choice
  • Considering the anycast group characteristics, S-ALD is secure, low-overhead and manageable
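The Group Discoverer behaviour of slides 16 to 19, as an added model that is not the presentation's own code: members report on their own schedule instead of answering a Query, joins are accepted lazily, a Leave takes effect at once, members that stop reporting expire, and recorded load feeds route choice. The report interval, the expiry threshold and the member identifiers are constructed assumptions.

```python
from dataclasses import dataclass, field

REPORT_INTERVAL = 30.0           # seconds between a member's active status reports (assumed)
MISSED_REPORTS_BEFORE_EXPIRY = 3  # silent members are dropped after this many intervals (assumed)

@dataclass
class Member:
    unicast: str
    load: float
    last_report: float

@dataclass
class GroupDiscoverer:
    """Keeps the registered-member table of one anycast group (slide 19)."""
    members: dict = field(default_factory=dict)

    def join(self, unicast, now, load=0.0):
        # Join is accepted without urgency: other members keep serving meanwhile.
        # (Certificate checks of the join phase are assumed to have passed already.)
        self.members[unicast] = Member(unicast, load, now)

    def report(self, unicast, now, load):
        # Members report actively; the discoverer never has to send a Query.
        m = self.members.get(unicast)
        if m is None:
            return False  # unknown member: it must re-join (and re-authenticate)
        m.load, m.last_report = load, now
        return True

    def leave(self, unicast):
        # Leave is applied immediately so no client is routed to a departed server.
        return self.members.pop(unicast, None) is not None

    def expire(self, now):
        # Drop members whose reports stopped; returns the unicast addresses removed.
        deadline = now - REPORT_INTERVAL * MISSED_REPORTS_BEFORE_EXPIRY
        dead = [u for u, m in self.members.items() if m.last_report < deadline]
        for u in dead:
            del self.members[u]
        return dead

    def preferred(self):
        # Reported load as an extra input to anycast route choice: least loaded wins.
        if not self.members:
            return None
        return min(self.members.values(), key=lambda m: m.load).unicast
```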

  20. Our contributions
  • Authorization Scheme for Secure Anycast
  • Anycast Group Characteristics
  • The resulting S-ALD protocol

  21. Prospect
  • IP Anycast is useful for service discovery, automatic configuration, load balancing, etc.
  • But, concerning security, IPv6 restricts that anycast addresses must NOT be assigned to hosts, "until more experience has been gained and solutions agreed upon".
  • With Anycast Secure Group Management, we can lift this restriction.

  22. The End

  23. Question?
