Dissertation > Excellent graduate degree dissertation topics show

Research and Implementation of Security Mechanism for Border Gateway Protocol

Author: YinWei
Tutor: ZhuPeiDong
School: National University of Defense Science and Technology
Course: Computer Science and Technology
Keywords: Border Gateway Protocol Multi-source AS registered query mechanism The source AS list mechanism Routing Security Security mechanism
CLC: TP393.08
Type: Master's thesis
Year: 2007
Downloads: 44
Quote: 0
Read: Download Dissertation

Abstract


Inter-domain routing protocol is the de facto standard for network reachability information declared as an autonomous system (AS), has a fundamental and critical role. However, it faces many security threats and management of security risks, such as peer-to-peer communication link is listener; message has been tampered with or forged. And history BGP triggered safety accidents occur frequently, its influence and catastrophic BGP security enhancement mechanism work more urgent and important. This paper covers the following four working. First, build the model of inter-domain routing protocol BGP threat and the vulnerability of the research agreement, and made an in-depth analysis of the current security mechanisms. Second, for multi-source BGP protocol conflict, with MOAS-LIST mechanism. Legitimate IP address prefix declared as MOAS LIST (list) of multiple sources AS inject routing update messages; AS according to the \Finally, the mechanism based on the open source routing software zebra and tested. Third, MOAS-LIST mechanism is not yet handle the MOAS LIST list \), can be a good solution to the problem of multi-source conflict. BGP protocol easily be listening to the authenticity of the source and routing update message integrity, design and realization of the SE-BGP protocol. Proposed the AS Alliance (Alliance), and based on the alliance to build the CA center; CA certificate to AS issued by the Union address prefix private certificate awarded to each AS and announced the corresponding public key; And AS using the private key of the update message need to protect the information in the text to be signed, and signed as a new path attributes added to verify the authenticity of the source routing update message recipient address prefix certificate using the corresponding public key of the AS routing update messages; to verify the authenticity of the signature and the the update message integrity; SE-BGP use of IPsec to ensure the safety of the BGP peer communication. Finally, based on the MRT routing software SE-BGP protocol and test. MOAS-RQ mechanism than MOAS the-LIST mechanisms can be a good solution to the problem of multi-source conflict. SE-BGP mechanism can ensure the security of the communication between the BGP peer, the source of authenticity, integrity and routing update messages. SE-BGP than S-the BGP mechanisms have distinct advantages. The mechanism is constructed according to the AS topology characteristics Union, distributed PKI system and the use of lightweight alliance-based signatures and certification programs, security and deployment consideration of the compromise, but also has a progressive deployment capabilities.

Related Dissertations

  1. The Rearch and Implement of the Safety Voice Gateway,TP393.08
  2. Design and Improve the National Inter-domain Routing Monitoring System,TP393.08
  3. The Design of Front-bank System Based on Debit Card,F832.2
  4. A Research of Guarantee System for College’s Sports Facilities Helping Community’s Sports Development,G807.4
  5. Research of Ad Hoc Network Routing Security and Key Management Technology,TN929.5
  6. The Application of Web Services in Information System and the Research of Its Security Mechanism,TP393.09
  7. On Realization of Social Fairness,F124.7
  8. Study on Safety Mechanism of Soldier Administrator System,TP309
  9. The Design and Engineering Practice of School Education Training Platform,TP393.18
  10. Monitoring and control in electric power remote monitoring and control system information model and security mechanisms,TP309
  11. A Study on the Security Technique of Operating System and Optimizing Scheme,TP393.08
  12. The Research and Realization of MIS2 Security Mechanism Based on ASP.NET Security Architecture,TP311.52
  13. Non-profit Organizations in Social Security,D632
  14. Security Design and Ralization in the Electronic Archives System,TP311.52
  15. Research and Implement of Algorithm for Generating Internet Autonomous System Hiberarchy Topology Graph,TP393.02
  16. Design and Implementation of BGP/MPLS VPN and Research of Multicast Supporting Algorithms,TN915
  17. SNMPv3 protocol and implementation of security mechanism,TP393.08
  18. The Korean Nuclear Issue and the Security Regimes of Northeastern Asia,D731
  19. The Research and Implementation on Content Protection System of Library Website,TP393.092
  20. Studies of the International Problems Involved in the War on Iraq,D99

CLC: > Industrial Technology > Automation technology,computer technology > Computing technology,computer technology > Computer applications > Computer network > General issues > Computer Network Security
© 2012 www.DissertationTopic.Net  Mobile