Submission + - Will feds mandate Internet routing security? (networkworld.com)
alphadogg writes: The Department of Homeland Security has spent $3 million over the past few years on research aimed at bolstering the security of the Internet's routing system.
Now, as this research is being deployed across the Internet, DHS wants government agencies and their carriers to be among the earliest adopters of the new Resource Public Key Infrastructure (RPKI) system that it helped create.
DHS considers the RPKI system to be a much-needed first step in securing the Internet's core routing protocol, which is called the Border Gateway Protocol (BGP). In addition to its support of RPKI, DHS also has spent around $1 million on research and software development aimed at adding security directly to BGP.
RPKI helps improve routing security by adding a layer of encryption to the communications between Internet registries and network operators. With RPKI, network operators can verify that they have the authority to route traffic for a block of IP addresses or routing prefixes known as Autonomous System Numbers.
RPKI is designed to prevent Internet routing attacks http://www.networkworld.com/news/2009/011509-bgp-attacks.html and accidents, such as the recent China Telecom Internet traffic hijacking incident http://www.networkworld.com/news/2010/111810-china-telecom-operator-denies-hijacking.htmlthat has received attention on Capitol Hill.
Now, as this research is being deployed across the Internet, DHS wants government agencies and their carriers to be among the earliest adopters of the new Resource Public Key Infrastructure (RPKI) system that it helped create.
DHS considers the RPKI system to be a much-needed first step in securing the Internet's core routing protocol, which is called the Border Gateway Protocol (BGP). In addition to its support of RPKI, DHS also has spent around $1 million on research and software development aimed at adding security directly to BGP.
RPKI helps improve routing security by adding a layer of encryption to the communications between Internet registries and network operators. With RPKI, network operators can verify that they have the authority to route traffic for a block of IP addresses or routing prefixes known as Autonomous System Numbers.
RPKI is designed to prevent Internet routing attacks http://www.networkworld.com/news/2009/011509-bgp-attacks.html and accidents, such as the recent China Telecom Internet traffic hijacking incident http://www.networkworld.com/news/2010/111810-china-telecom-operator-denies-hijacking.htmlthat has received attention on Capitol Hill.