Next generation secure internet security overview and context
1 / 13

- PowerPoint PPT Presentation

  • Updated On :

Next-Generation Secure Internet: Security Overview and Context. Adrian Perrig in collaboration with Steven Bellovin, David Clark, Dawn Song. Everybody Understands Need for NGSI. Webby award Annual award for achievement in Web creation

I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
Download Presentation

PowerPoint Slideshow about '' - daniel_millan

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
Next generation secure internet security overview and context
Next-Generation Secure Internet:Security Overview and Context

Adrian Perrig

in collaboration with Steven Bellovin, David Clark, Dawn Song

Everybody understands need for ngsi
Everybody Understands Need for NGSI

  • Webby award

    • Annual award for achievement in Web creation

    • Recipients get five words only for their acceptance speech

    • Vint Cerf: “We all invented the Internet”

  • Al Gore received Webby award this year

    • Responsible for spearheading critical legislation and providing much-needed political support

    • Speech: “Please don’t recount this vote”

    • “It is time to reinvent the Internet for all of us to make it more robust and much more accessible and use it to reinvigorate our democracy”


  • Internet designed for trustworthy environments

    • Goal was to provide efficiency, scalability, robustness assuming a benign environment

    • Fact: Internet protocols vulnerable to attacks, e.g., BGP, DNS, TCP/IP, …

    • Hosts are even worse

  • Today: businesses, government, society rely on Internet

  • As of January 2005: 317,646,084 hosts (

    • Not all of them are benign!

Attacker trust model
Attacker/Trust Model

  • Any network node may be compromised

    • Endhosts

      • Including network management and operations machines

    • Routers and other network elements

    • Different impact when a network infrastructure element is compromised

  • Compromised nodes may collude

Ngsi security requirements
NGSI Security Requirements

  • A desired outcome of this workshop is to establish list of desired NGSI security properties

  • Main security requirement is availability

    • Need availability of forwarding service, configuration and management services, etc., even in face of DDoS attacks

    • Fast recovery/convergence after perturbations

  • Other security properties can usually be implemented end-to-end

    • Confidentiality (data, topology, identity, …)

    • Integrity (data, routing info, forwarding path, …)

Networking functional planes
Networking Functional Planes

  • Control plane

    • Function: route set up and signaling

    • Requirement: accuracy, consistency, convergence

  • Data plane

    • Function: packet forwarding

    • Requirement: availability, resilience to control plane vulnerabilities

  • Management plane

    • Function: configuration and monitoring

    • Requirement: availability

Security approaches
Security Approaches

  • Prevention

    • Harden protocol itself

    • Eliminate attacks at design time

  • Detection and recovery

    • Monitor behavior of participants

    • Upon detection of misbehavior: eliminate malicious nodes, restore functionality

  • Resilience

    • Graceful performance degradation in the presence of compromised nodes and hosts

  • Deterrence

    • Provide legal disincentives

Sample control plane design points
Sample Control Plane Design Points

  • [prevention]Cryptographic primitives to prevent routing information falsification

  • [prevention] Leveraging trusted computing technology

    • Example: help implement secure routing

  • [detection] Lightweight intrusion detection

  • [resilience] Various redundancy mechanisms for survivability

  • [deterrence]Trace intrusions

Sample data plane design points
Sample Data Plane Design Points

  • [prevention] Infrastructure-enforced flow regulation

  • [prevention] Network firewalls / network filter infrastructure

  • [detection] Data plane intrusion detection

  • [resilience] Secure source-controlled routing

  • [deterrence] Persistent network identity to assist forensic inquiries

  • [deterrence]Trace and/or identify data origin

Sample management plane design points
Sample Management Plane Design Points

  • [prevention] Isolated configuration channels provide resistance to flooding and packet injection attacks

  • [detection] Detect password-guessing attacks on network devices (hopefully we won’t base authentication on passwords only!)

  • [resilience] Tolerate misconfigurations

Design considerations
Design Considerations

  • What design considerations should we recommend to community?

  • Sample guidelines

    • Minimal trust?

    • Small router state?

    • Minimal network layer functionality?

    • Favoring prevention over detection/recovery over resilience over deterrence?

    • Facilities for deterrence, while protecting privacy?


  • For next-generation secure Internet, build security into every component at every level

    • Redesign protocols with security as a central design requirement

    • Utilize comprehensive security approach, leveraging prevention, detection/recovery, resilience, and deterrence

    • Consider social aspects: ease-of-use, privacy

Workshop report format
Workshop Report Format

  • Workshop goals

    • Build community consensus for need of a next-generation secure Internet (NGSI)

    • Establish requirements for NGSI

    • Explore problem space

    • Identify promising research directions

    • Recommendations to NSF and community

  • Structure of each report section on topic X

    • Properties NGSI should provide for X

    • Challenges and design considerations

    • Potential approaches and methods