Abstract
In order to guarantee secure operation of Network 2030s inter-domain infrastructure, we pursue a systematic design approach in this chapter. This systematic approach starts with concretizing the security properties that the network infrastructure should fulfill. In particular, we identify improved trust, path control, source authentication, and availability guarantees as the most important such properties. After laying out these goals, we articulate the constraints under which the properties must be achieved, e.g., the pervasiveness of (D)DoS attacks and the resulting need for lightweight security systems. Against the background of these goals and requirements, we propose a suite of security systems that comprehensively address current and future network-security challenges. More precisely, we present a path-aware network architecture that can be enhanced with a source-authentication mechanism, a bandwidth-reservation system, and a privacy-increasing forwarding scheme. Finally, we focus on practical considerations and expound the new services needed to implement our system proposals.
Keywords
- Security
- Privacy
- Trust
- Root of trust
- Availability
- Source authentication
- Path transparency
- Path control
- Symmetric-key derivation
- Bandwidth reservation
- Privacy brokering
- quality of service (QoS)
This is a preview of subscription content, access via your institution.
Buying options
References
A. Perrig, P. Szalachowski, R.M. Reischuk, L. Chuat, SCION: A Secure Internet Architecture (Springer, Cham, 2017)
SCION Control-Plane PKI, https://github.com/scionproto/scion/blob/master/doc/ControlPlanePKI.md
M. Legner, T. Klenze, M. Wyss, C. Sprenger, A. Perrig, EPIC: Every packet is checked in the data plane of a path-aware internet. 29th USENIX Security Symposium (USENIX Security 20) (2020)
S. Scherrer, A. Perrig, S. Schmid, The value of information in selfish routing, in International Colloquium on Structural Information and Communication Complexity, (Springer, Cham, 2020)
S. Scherrer, M. Legner, A. Perrig, S. Schmid, Incentivizing stable path selection in future Internet architectures. Perf. Eval. 144, 102137 (2020)
B. Rothenberger, D. Roos, M. Legner, A. Perrig, PISKES: Pragmatic internet-scale key establishment system, in Proceedings of the ACM ASIA Conference on Computer and Communications Security (ASIACCS), (ACM, New York, 2020)
T. Lee, C. Pappas, A. Perrig, V. Gligor, Y.-C. Hu, The case for in-network replay suppression, in Proceedings of the ACM on Asia Conference on Computer and Communications Security, (ACM, New York, 2017)
G. Giuliari, M. Wyss, M. Legner, A. Perrig, GMA: A pareto optimal distributed resource-allocation algorithm. In Proceedings of the International Colloquium on Structural Information and Communication Complexity (SIROCCO) (2020)
T. Lee, C. Pappas, D. Barrera, P. Szalachowski, A. Perrig, Source accountability with domain-brokered privacy. In Proceedings of the 12th International on Conference on emerging Networking EXperiments and Technologies (2016)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2021 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this chapter
Cite this chapter
Scherrer, S., Perrig, A. (2021). Security, Anonymity, Privacy, and Trust. In: Toy, M. (eds) Future Networks, Services and Management. Springer, Cham. https://doi.org/10.1007/978-3-030-81961-3_13
Download citation
DOI: https://doi.org/10.1007/978-3-030-81961-3_13
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-81960-6
Online ISBN: 978-3-030-81961-3
eBook Packages: EngineeringEngineering (R0)