Improve Routing Security by validating BGP (Border Gateway Protocol) with RPKI (Resource Public Key Infrastructure) (2022)

By Tony Tauber, Courtney Smith; Comcast

In this paper, we will discuss the basic operation of BGP and inter-provider Internet routing including some vulnerabilities of the system. We will then describe RPKI, a set of technologies developed by the IETF (Internet Engineering Task Force) to help address a sub-set of these vulnerabilities. Deployment of these tools is not without risk and complication, and we will describe how we went about assessing and enabling RPKI in a large MSO network including design tradeoffs and lessons learned.

By clicking the "Download Paper" button, you are agreeing to our terms and conditions.

Similar Papers

Securing Interdomain Network Routing with Resource Public Key Infrastructure
By Mark Goodwin, Cox Communications, Inc.
BGP Info Over DNS
By Tony Tauber, Comcast; Charlie Helfinstine, Comcast; Mark Feldman, Comcast
The Evolution of Cable Network Security
By Matt Tooley, NCTA, Matt Carothers, Cox Communications, Michael Glenn, CableLabs, Michael O’Reirdan, Comcast, Chris Roosenraad, Time-Warner Cable, and Bill Sweeney, Comcast
Enhancing Public WiFi Security
By Ivan Ong, Comcast
Hitchhiker’s Guide to Quantum Key Distribution
By Vaibhav Garg & Tony Tauber, Comcast Cable; Walter Krawec, University of Connecticut; Pete Quesada, Comcast Innovation Labs; Aman Satija, Purdue University
Clouds, Cable And Connectivity: Future Internets And Router Requirements
By Robert M. Broberg (Cisco), Andrei Agapi (Cisco), Ken Birman (Cornell), Douglas Comer (Purdue), Chase Cotton (University of Delaware), Thilo Kielmann (Vrije Universiteit), Bill Lehr (MIT), Robbert VanRenesse (Cornell), Robert Surton (Cornell), Jonathan M. Smith (University of Pennsylvania)
Infrastructure and tools to support secure, scalable, and highly available APIs
By Agustin Schapira, Comcast
Public Key Infrastructure - Using X.509 Certificates For Device Authenication: Here A Cert, There A Cert, Everywhere A Cert
By Doug Jones, YAS Broadband Ventures, LLC.
Remote PHY 2.0: The Next Steps For Remote PHY Technology
By Pawel Sowinski, Andy Smith & Tong Liu, Cisco Systems Inc.
Key Learnings from Comcast’s Use of Open Source Software in the Access Network
By Louis Donofrio & Qin Zang, Comcast Cable; Vignesh Ramamurthy, Infosys Consulting
More Results >>