next generation secure internet security overview and context n.
Skip this Video
Loading SlideShow in 5 Seconds..
Next-Generation Secure Internet: Security Overview and Context PowerPoint Presentation
Download Presentation
Next-Generation Secure Internet: Security Overview and Context

Loading in 2 Seconds...

play fullscreen
1 / 13

Next-Generation Secure Internet: Security Overview and Context - PowerPoint PPT Presentation

  • Uploaded on

Next-Generation Secure Internet: Security Overview and Context. Adrian Perrig in collaboration with Steven Bellovin, David Clark, Dawn Song. Everybody Understands Need for NGSI. Webby award Annual award for achievement in Web creation

I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
Download Presentation

Next-Generation Secure Internet: Security Overview and Context

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
next generation secure internet security overview and context
Next-Generation Secure Internet:Security Overview and Context

Adrian Perrig

in collaboration with Steven Bellovin, David Clark, Dawn Song

everybody understands need for ngsi
Everybody Understands Need for NGSI
  • Webby award
    • Annual award for achievement in Web creation
    • Recipients get five words only for their acceptance speech
    • Vint Cerf: “We all invented the Internet”
  • Al Gore received Webby award this year
    • Responsible for spearheading critical legislation and providing much-needed political support
    • Speech: “Please don’t recount this vote”
    • “It is time to reinvent the Internet for all of us to make it more robust and much more accessible and use it to reinvigorate our democracy”
  • Internet designed for trustworthy environments
    • Goal was to provide efficiency, scalability, robustness assuming a benign environment
    • Fact: Internet protocols vulnerable to attacks, e.g., BGP, DNS, TCP/IP, …
    • Hosts are even worse
  • Today: businesses, government, society rely on Internet
  • As of January 2005: 317,646,084 hosts (
    • Not all of them are benign!
attacker trust model
Attacker/Trust Model
  • Any network node may be compromised
    • Endhosts
      • Including network management and operations machines
    • Routers and other network elements
    • Different impact when a network infrastructure element is compromised
  • Compromised nodes may collude
ngsi security requirements
NGSI Security Requirements
  • A desired outcome of this workshop is to establish list of desired NGSI security properties
  • Main security requirement is availability
    • Need availability of forwarding service, configuration and management services, etc., even in face of DDoS attacks
    • Fast recovery/convergence after perturbations
  • Other security properties can usually be implemented end-to-end
    • Confidentiality (data, topology, identity, …)
    • Integrity (data, routing info, forwarding path, …)
networking functional planes
Networking Functional Planes
  • Control plane
    • Function: route set up and signaling
    • Requirement: accuracy, consistency, convergence
  • Data plane
    • Function: packet forwarding
    • Requirement: availability, resilience to control plane vulnerabilities
  • Management plane
    • Function: configuration and monitoring
    • Requirement: availability
security approaches
Security Approaches
  • Prevention
    • Harden protocol itself
    • Eliminate attacks at design time
  • Detection and recovery
    • Monitor behavior of participants
    • Upon detection of misbehavior: eliminate malicious nodes, restore functionality
  • Resilience
    • Graceful performance degradation in the presence of compromised nodes and hosts
  • Deterrence
    • Provide legal disincentives
sample control plane design points
Sample Control Plane Design Points
  • [prevention]Cryptographic primitives to prevent routing information falsification
  • [prevention] Leveraging trusted computing technology
    • Example: help implement secure routing
  • [detection] Lightweight intrusion detection
  • [resilience] Various redundancy mechanisms for survivability
  • [deterrence]Trace intrusions
sample data plane design points
Sample Data Plane Design Points
  • [prevention] Infrastructure-enforced flow regulation
  • [prevention] Network firewalls / network filter infrastructure
  • [detection] Data plane intrusion detection
  • [resilience] Secure source-controlled routing
  • [deterrence] Persistent network identity to assist forensic inquiries
  • [deterrence]Trace and/or identify data origin
sample management plane design points
Sample Management Plane Design Points
  • [prevention] Isolated configuration channels provide resistance to flooding and packet injection attacks
  • [detection] Detect password-guessing attacks on network devices (hopefully we won’t base authentication on passwords only!)
  • [resilience] Tolerate misconfigurations
design considerations
Design Considerations
  • What design considerations should we recommend to community?
  • Sample guidelines
    • Minimal trust?
    • Small router state?
    • Minimal network layer functionality?
    • Favoring prevention over detection/recovery over resilience over deterrence?
    • Facilities for deterrence, while protecting privacy?
  • For next-generation secure Internet, build security into every component at every level
    • Redesign protocols with security as a central design requirement
    • Utilize comprehensive security approach, leveraging prevention, detection/recovery, resilience, and deterrence
    • Consider social aspects: ease-of-use, privacy
workshop report format
Workshop Report Format
  • Workshop goals
    • Build community consensus for need of a next-generation secure Internet (NGSI)
    • Establish requirements for NGSI
    • Explore problem space
    • Identify promising research directions
    • Recommendations to NSF and community
  • Structure of each report section on topic X
    • Properties NGSI should provide for X
    • Challenges and design considerations
    • Potential approaches and methods