###
DOI:
Journal of Software:2008.19(1):167-176

SE-BGP:一种BGP安全机制
胡湘江,朱培栋
(国防科学技术大学 计算机学院,湖南 长沙 410073)
SE-BGP: An Approach for BGP Security
HU Xiang-Jiang,ZHU Pei-Dong
()
Abstract
Chart / table
Reference
Similar Articles
Article :Browse 4108   Download 3628
Received:June 15, 2006    Revised:November 03, 2006
> 中文摘要: BGP(border gateway protocol)协议的安全是Internet路由系统安全的关键.目前已提出多种BGP安全机制,但都未能得到部署.对BGP安全机制的部署问题进行深入分析,利用AS(autonomous system)结构的Rich-Club特性,提出AS联盟的概念,设计了一种BGP安全机制:SE-BGP(security enhanced BGP).SE-BGP采用基于AS联盟的安全体系结构,使用一种具有分布式认证中心的新的信任模型——TTM(translator trust mod
Abstract:BGP (border gateway protocol) security is very important to the inter-domain routing security. Many solutions have been proposed, but none has been deployed until now. This paper analyzes the main problems of these approaches. It studies the AS (autonomous system) topology of the Internet, especially the rich-club property, and gives the notion of the AS alliance. It proposes SE-BGP (security enhanced BGP) as a new way for BGP security. An alliance-based security architecture, and a new trust model-TTM (translator trust model) for SE-BGP are constituted. An authentication scheme based on TTM is also designed. Furthermore, the way of how to extend the BGP protocol is considered. The SE-BGP has strong ability of security and good scalability, and the number of the used certificates is about 1% of the traditional solutions.
文章编号:     中图分类号:    文献标志码:
基金项目:Supported by the National Natural Science Foundation of China under Grant No.60673169 (国家自然科学基金); the National Basic Research Program of China under Grant No.2003CB314802 (国家重点基础研究发展计划(973)); the National High-Tech Research and Development Plan of China u Supported by the National Natural Science Foundation of China under Grant No.60673169 (国家自然科学基金); the National Basic Research Program of China under Grant No.2003CB314802 (国家重点基础研究发展计划(973)); the National High-Tech Research and Development Plan of China u
Foundation items:
Reference text:

胡湘江,朱培栋.SE-BGP:一种BGP安全机制.软件学报,2008,19(1):167-176

HU Xiang-Jiang,ZHU Pei-Dong.SE-BGP: An Approach for BGP Security.Journal of Software,2008,19(1):167-176