A system for authenticated policy-compliant routing

10 years 11 months ago
A system for authenticated policy-compliant routing
Internet end users and ISPs alike have little control over how packets are routed outside of their own AS, restricting their ability to achieve levels of performance, reliability, and utility that might otherwise be attained. While researchers have proposed a number of source-routing techniques to combat this limitation, there has thus far been no way for independent ASes to ensure that such traffic does not circumvent local traffic policies, nor to accurately determine the correct party to charge for forwarding the traffic. We present Platypus, an authenticated source routing system built around the concept of network capabilities. Network capabilities allow for accountable, fine-grained path selection by cryptographically attesting to policy compliance at each hop along a source route. Capabilities can be composed to construct routes through multiple ASes and can be delegated to third parties. Platypus caters to the needs of both end users and ISPs: users gain the ability to poo...
Barath Raghavan, Alex C. Snoeren
Added 30 Jun 2010
Updated 30 Jun 2010
Type Conference
Year 2004
Authors Barath Raghavan, Alex C. Snoeren
Comments (0)