Zhao Chen, Sun Bin, Yang Yi-Xian, Yang Yan. A Lightweight Mechanism for Border Gateway Protocol Path Verification[J]. Journal of Electronics & Information Technology, 2012, 34(9): 2167-2173. doi: 10.3724/SP.J.1146.2012.00285
Citation:
Zhao Chen, Sun Bin, Yang Yi-Xian, Yang Yan. A Lightweight Mechanism for Border Gateway Protocol Path Verification[J]. Journal of Electronics & Information Technology, 2012, 34(9): 2167-2173. doi: 10.3724/SP.J.1146.2012.00285
Zhao Chen, Sun Bin, Yang Yi-Xian, Yang Yan. A Lightweight Mechanism for Border Gateway Protocol Path Verification[J]. Journal of Electronics & Information Technology, 2012, 34(9): 2167-2173. doi: 10.3724/SP.J.1146.2012.00285
Citation:
Zhao Chen, Sun Bin, Yang Yi-Xian, Yang Yan. A Lightweight Mechanism for Border Gateway Protocol Path Verification[J]. Journal of Electronics & Information Technology, 2012, 34(9): 2167-2173. doi: 10.3724/SP.J.1146.2012.00285
Since BGP (Border Gateway Protocol) possesses many security vulnerabilities, BGP Autonomous System PATH information (AS_PATH attribute) is vulnerable to various attacks. In proposed BGP path verification mechanisms at present, the high computational overhead and complex process severely block security solutions from being implemented and deployed in real world. A lightweight method is designed for BGP path verification named First-Two-AS based Path Verification (FTAPV). Based on analysis of AS_PATH attribute, FTAPV can protect path information effectively through carrying signatures of first two ASes in the AS_PATH of UPDATEs. Security analysis and performance evaluation demonstrate this mechanism can reduce the route resource expense and the number of used certificates with strong ability of security and good scalability compared with existing method.