The Complete Guide to SCION: From Design Principles to Formal Verification
Overview
- Foreword by Joël Mesot
- Foreword by Fritz Steinmann
- Preface
- How to Read This Book
- Acknowledgments
- 1 Introduction
  - 1.1 Today's Internet
  - 1.2 Goals for a Secure Internet Architecture
- I SCION Core Components
- 2 Overview
  - 2.1 Infrastructure Components
  - 2.2 Authentication
  - 2.3 Control Plane
  - 2.4 Data Plane
  - 2.5 ISD and AS Numbering
- 3 Authentication
  - 3.1 The Control-Plane PKI (CP-PKI)
  - 3.2 DRKey: Dynamically Recreatable Keys
  - 3.3 SCION Packet Authenticator Option
- 4 Control Plane
  - 4.1 Path-Segment Construction Beacons (PCBs)
  - 4.2 Path Exploration (Beaconing)
  - 4.3 Path-Segment Registration
  - 4.4 PCB and Path-Segment Selection
  - 4.5 Path Lookup
  - 4.6 Service Discovery
  - 4.7 SCION Control Message Protocol (SCMP)
- 5 Data Plane
  - 5.1 Inter- and Intra-domain Forwarding
  - 5.2 Packet Format
  - 5.3 Path Authorization
  - 5.4 The SCION Path Type
  - 5.5 Path Construction (Segment Combinations)
  - 5.6 Packet Initialization and Forwarding
  - 5.7 Path Revocation
  - 5.8 Data-Plane Extensions
- II Analysis of the Core Components
- 6 Functional Properties and Scalability
  - 6.1 Dependency Analysis
  - 6.2 SCION Path Policy
  - 6.3 Scalability Analysis
  - 6.4 Beaconing Overhead and Path Quality
- 7 Security Analysis
  - 7.1 Security Goals and Properties
  - 7.2 Threat Model
  - 7.3 Overview
  - 7.4 Control-Plane Security
  - 7.5 Path Authorization
  - 7.6 Data-Plane Security
  - 7.7 Source Authentication
  - 7.8 Absence of Kill Switches
  - 7.9 Other Security Properties
  - 7.10 Summary
- III Achieving Global Availability Guarantees
- 8 Extensions for the Control Plane
  - 8.1 Hidden Paths
  - 8.2 Time Synchronization
  - 8.3 Path Metadata in PCBs
- 9 Monitoring and Filtering
  - 9.1 Replay Suppression
  - 9.2 High-Speed Traffic Filtering with LightningFilter
  - 9.
Details
- ISBN-13: 9783031052873
- ISBN-10: 3031052870
- Publisher: Springer
- Publish Date: May 2022
- Dimensions: 9.21 x 6.14 x 1.44 inches
- Shipping Weight: 2.47 pounds
- Page Count: 656
