
This thesis is arranged in four main parts including this introductory one. Next, we provide the synopsis of the rest of the thesis along with the topics covered in each chapter.

PART II

Chapter 2 briefly reviews the business relations and policies among ASes, as well as their effects in inter-domain routing, so as to facilitate the understanding of the BGP security issues described in Chapter 3. For the same purpose, this chapter also includes a brief review of the BGP protocol.

Chapter 3 outlines different types of vulnerabilities of the BGP-4 protocol. It also illustrates some of the main security vulnerabilities of the BGP-4 protocol which have led to large-scale Internet service disruptions.

Chapter 4 provides a survey of the recent contributions made by the SIDR WG, along with a comparison of the design principles of the SIDR WG recommendations with earlier proposed solutions. This chapter also provides a detailed analysis of the SIDR WG security recommendations and the excess burden they impose, and illustrates the residual attacks which remain unresolved.

1.4. Thesis Structure

Chapter 5 lays the foundation for studying the route leak problem in the next chapters. First, it describes two real-world route leak occurrences, including the related work. Then it dives into the anatomy of route leaks to provide a formal definition of the problem.

Chapter 6 describes the theoretical framework for autonomously detecting route leaks. Based on the theoretical framework, it presents three incremental route leak detection techniques, namely, Cross-Path (CP), Benign Fool Back (BFB), and Reverse Benign Fool Back (R-BFB).

Chapter 7 presents the simulation and experimental framework for evaluating the proposed route leak detection techniques. It also provides an analysis of the results obtained from the simulations and experiments.

PART III

Chapter 8 briefly describes the LISP protocol and its working framework. It also discusses LISP's existing security arsenal, including its intrinsic security features and the LISP-SEC protocol, in order to provide a better understanding of the LISP security issues in the next chapter.

Chapter 9 illustrates LISP security vulnerabilities including EID impersonation, RLOC spoofing, and lack of global EID authorization which remain unresolved in the presence of the existing LISP security measures.

Chapter 10 introduces an updated LISP working framework including a working role of the EID holder. Then, it describes an end-to-end secure map registration process based on efficient cryptographic mechanisms. This proposed secure map registration process not only enables dynamic map registrations, facilitating the much required mobility feature, but also enhances the overall security of the LISP protocol.

PART IV

Chapter 11 summarizes the main achievements of this thesis.

Chapter 12 suggests different directions for broadening the reach of the contributions made in this thesis.

Part II

2 Inter-Domain Preliminaries

This chapter briefly reviews the business relations and policies among ASes, as well as their effects in inter-domain routing, so as to facilitate the understanding of the BGP security issues described in the next chapter. For the same purpose, this chapter also includes a brief review of the BGP protocol.

2.1 Business Relations among ASes

The Internet consists of thousands of inter-connected Autonomous Systems (AS). A collection of network elements and links under a single administration is called an Autonomous System (AS) or domain. In Fig. 2.1, AS1 and AS2 are two directly connected ASes. AS1 and AS2 would exchange their respective IP prefixes with each other such that a source in AS1 can reach a destination in AS2 and vice versa. Currently, there are around 45,000 ASes in the Internet, and the reachability is achieved when each AS informs all its neighbors (directly connected ASes) about its available IP prefixes according to its routing policy. That is, the routing policy specifies how reachability information is exchanged between any two ASes.

The business relation between any two ASes dictates the kind of policies that would be implemented on that particular link. The business relation between two ASes can be typically classified into either Provider-Customer or Peer-Peer relation [75]. In the latter case, both ASes advertise subsets of their routes, i.e., they only advertise their own or their customer’s routes to each other. For the Provider-Customer relation, the Provider and the Customer are the opposite ends of the same link. In this case, the Customer will only advertise its own routes and the routes of its Customers (i.e., Customer’s Customer routes) toward its Provider link. The Provider AS, on the other hand, will usually advertise all routes toward its customer hence providing it transit to the rest of the Internet.

For example, in Fig. 2.1, AS3 is a Customer of AS1 and AS4 is a Customer of AS2, whereas AS1 and AS2 are Peers. AS1 being AS3’s Provider would advertise AS3’s routes to AS2 which would

[Figure 2.1 diagram: AS1, AS2, AS3 and AS4 joined by Peer-Peer Relation (PP) and Customer-Provider Relation (CP) links, with arrows for the prefix advertisements on each link; P_ASi denotes the prefixes announced by ASi.]

Figure 2.1: Types of business relations among ASes.

a source in AS3 can reach any available IP prefixes in AS4 and vice versa.
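The export policies described above can be run over the Fig. 2.1 topology to see which prefix sets each AS ends up advertising on each link. This is an added example, not code from the thesis; the names `REL`, `may_export`, `exports` and `propagate` are illustrative assumptions, and `P_ASi` stands for the prefixes announced by ASi.

```python
# Added example (not from the thesis): the export policy of Section 2.1,
# applied to the Fig. 2.1 topology. "P_ASi" stands for AS i's prefix set.
CUSTOMER, PEER, PROVIDER = "customer", "peer", "provider"

# REL[a][b] is the role neighbour b plays for AS a (as described for Fig. 2.1).
REL = {
    1: {2: PEER, 3: CUSTOMER},
    2: {1: PEER, 4: CUSTOMER},
    3: {1: PROVIDER},
    4: {2: PROVIDER},
}

def may_export(learned_from, send_to):
    """Own (None) and customer routes go to everyone; peer and provider
    routes go to customers only."""
    return learned_from in (None, CUSTOMER) or send_to == CUSTOMER

def exports(rib, a, b):
    """Prefix sets AS a advertises to neighbour b under the policy."""
    out = set()
    for prefix, via in rib[a].items():
        if via == b:                      # never echo a route back to its sender
            continue
        learned_from = None if via is None else REL[a][via]
        if may_export(learned_from, REL[a][b]):
            out.add(prefix)
    return out

def propagate():
    """Exchange advertisements until no AS learns anything new."""
    rib = {a: {f"P_AS{a}": None} for a in REL}   # prefix -> neighbour learned from
    changed = True
    while changed:
        changed = False
        for a in REL:
            for b in REL[a]:
                for prefix in exports(rib, a, b):
                    if prefix not in rib[b]:
                        rib[b][prefix] = a
                        changed = True
    return rib

if __name__ == "__main__":
    rib = propagate()
    for a in REL:
        for b in REL[a]:
            print(f"AS{a} -> AS{b} ({REL[a][b]}): {sorted(exports(rib, a, b))}")
```

An advertisement for which `may_export` returns `False`, such as a provider-learned route sent to a peer, is one that does not comply with these policies.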

In a nutshell, the following guidelines, known as valley-free rules [45], are adopted by an AS for further advertisement of received routes:

• Routes learned from Customers are further advertised to other Customers, Peers and Providers (Fig. 2.2(a)).

[Figure 2.2 diagram: three panels (a), (b) and (c), each showing an AS (ASN) with its Providers, Customers and Peers; the legend distinguishes valley-free compliant from valley-free non-compliant route advertisements.]

Figure 2.2: Route re-advertisements according to the valley-free rules: (a) for routes learnt from customers; (b) for routes learnt from peers; (c) for routes learnt from providers.