Improve Routing Security by validating BGP (Border Gateway Protocol) with RPKI (Resource Public Key Infrastructure) (2022)

By Tony Tauber, Courtney Smith; Comcast

In this paper, we will discuss the basic operation of BGP and inter-provider Internet routing including some vulnerabilities of the system. We will then describe RPKI, a set of technologies developed by the IETF (Internet Engineering Task Force) to help address a sub-set of these vulnerabilities. Deployment of these tools is not without risk and complication, and we will describe how we went about assessing and enabling RPKI in a large MSO network including design tradeoffs and lessons learned.

By clicking the "Download Paper" button, you are agreeing to our terms and conditions.

Similar Papers

Securing Interdomain Network Routing with Resource Public Key Infrastructure
By Mark Goodwin, Cox Communications, Inc.
2019
BGP Info Over DNS
By Tony Tauber, Comcast; Charlie Helfinstine, Comcast; Mark Feldman, Comcast
2023
The Evolution of Cable Network Security
By Matt Tooley, NCTA, Matt Carothers, Cox Communications, Michael Glenn, CableLabs, Michael O’Reirdan, Comcast, Chris Roosenraad, Time-Warner Cable, and Bill Sweeney, Comcast
2015
Routing Packets in Provider’s Network: A Multi-Service Operator’s Perspective
By Deependra Malla, Cox Communication Inc.
2024
Modernizing the BGP Route Reflection Architecture: Achieving Convergence and Service Optimization Through Virtual Route Reflectors
By Mark Goodwin, Cox Communications, Inc.
2024
Enhancing Public WiFi Security
By Ivan Ong, Comcast
2017
Hitchhiker’s Guide to Quantum Key Distribution
By Vaibhav Garg & Tony Tauber, Comcast Cable; Walter Krawec, University of Connecticut; Pete Quesada, Comcast Innovation Labs; Aman Satija, Purdue University
2021
Infrastructure and tools to support secure, scalable, and highly available APIs
By Agustin Schapira, Comcast
2011
Clouds, Cable And Connectivity: Future Internets And Router Requirements
By Robert M. Broberg (Cisco), Andrei Agapi (Cisco), Ken Birman (Cornell), Douglas Comer (Purdue), Chase Cotton (University of Delaware), Thilo Kielmann (Vrije Universiteit), Bill Lehr (MIT), Robbert VanRenesse (Cornell), Robert Surton (Cornell), Jonathan M. Smith (University of Pennsylvania)
2011
Public Key Infrastructure - Using X.509 Certificates For Device Authenication: Here A Cert, There A Cert, Everywhere A Cert
By Doug Jones, YAS Broadband Ventures, LLC.
2002
More Results >>