Security issues in policy routing

7 January 2003

conference paper
Published by Institute of Electrical and Electronics Engineers (IEEE)

p. 183-193
https://doi.org/10.1109/secpri.1989.36293

Abstract

Most routing protocols, including proposed policy routing protocols, focus on environments where detection of an attack after it has taken place is sufficient. The authors explore the design of policy routing mechanisms for sensitive environments where more aggressive preventative measures are mandated. In particular, they detail the design of four secure protocol versions that prevent abuse by cryptographic checks of data integrity. They analyze and compare these schemes in terms of their prepacket processing overhead. It is concluded that preventative security is feasible, although the overhead cost is quite high. Consequently, it is critical that prevention-based schemes coexist with detection-based schemes.<>

Keywords

This publication has 6 references indexed in Scilit:

Visa protocols for controlling interorganizational datagram flow
IEEE Journal on Selected Areas in Communications, 1989
The design philosophy of the DARPA internet protocols
Published by Association for Computing Machinery (ACM) ,1988
The first ten years of public-key cryptography
Proceedings of the IEEE, 1988
Visa Scheme for Inter-Organization Network Security
Published by Institute of Electrical and Electronics Engineers (IEEE) ,1987
Controls for Interorganization Networks
IEEE Transactions on Software Engineering, 1987
Using encryption for authentication in large networks of computers
Communications of the ACM, 1978