山东大学学报(理学版)
山東大學學報(理學版)
산동대학학보(이학판)
JOURNAL OF SHANDONG UNIVERSITY(NATURAL SCIENCE)
2013年
7期
39-45
,共7页
邱修峰%刘建伟%伍前红%刘建华
邱脩峰%劉建偉%伍前紅%劉建華
구수봉%류건위%오전홍%류건화
多路径%域间路由选择决策%承诺%验证
多路徑%域間路由選擇決策%承諾%驗證
다로경%역간로유선택결책%승낙%험증
multipath%inter-domain routing decision%promise%verification
由于不同域之间的利益和安全策略存在复杂的竞争与冲突,域间路由安全问题一直具有挑战性。当前相关研究主要集中于路由源可信性与路径信息可信性等方向,但对域间路由策略实施可信性则较少关注。设计了一种多路径域间路由决策检测协议,可验证一个自治域是否遵守从N条目的地相同的候选路径中选择合适的M条路径发送往下游自治域的路由选择决策承诺。分析表明协议正确有效,同时可以抵抗伪造、篡改和重放等攻击,且具有增量部署和尊重参与者隐私的特性。
由于不同域之間的利益和安全策略存在複雜的競爭與遲突,域間路由安全問題一直具有挑戰性。噹前相關研究主要集中于路由源可信性與路徑信息可信性等方嚮,但對域間路由策略實施可信性則較少關註。設計瞭一種多路徑域間路由決策檢測協議,可驗證一箇自治域是否遵守從N條目的地相同的候選路徑中選擇閤適的M條路徑髮送往下遊自治域的路由選擇決策承諾。分析錶明協議正確有效,同時可以牴抗偽造、篡改和重放等攻擊,且具有增量部署和尊重參與者隱私的特性。
유우불동역지간적이익화안전책략존재복잡적경쟁여충돌,역간로유안전문제일직구유도전성。당전상관연구주요집중우로유원가신성여로경신식가신성등방향,단대역간로유책략실시가신성칙교소관주。설계료일충다로경역간로유결책검측협의,가험증일개자치역시부준수종N조목적지상동적후선로경중선택합괄적M조로경발송왕하유자치역적로유선택결책승낙。분석표명협의정학유효,동시가이저항위조、찬개화중방등공격,차구유증량부서화존중삼여자은사적특성。
Because of complicated security policy collisions and twisted interest conflicts between different network do-mains, interdomain routing security has been one challenge of secure routing.At present most of related researches fo-cus on the authentication of routing source and true path, but seldom address another point of whether the routing deci-sion process matches expected policy.A multipath interdomain routing decision verification protocol was designed, which can check whether an AS keeps its promise about choosing appropriate M from N paths that have the same desti-nation and are received from upstream ASs, and sending to a downstream AS.According to the analysis, the protocol is valid and respects the privacy of participants, as well as can resist attacks such as forgery, tampering and replay etc. and deploy on internet incrementally.
