The Complete Guide to Scion: From Design Principles to Formal Verification - Couverture rigide
Livre 25 sur 25: Information Security and Cryptography
Synopsis
Foreword by Joël Mesot xi
Foreword by Fritz Steinmann xiii
Preface xv
How to Read This Book xvii
Acknowledgments xix
1 Introduction 1
1.1 Today's Internet . . . . . . . . . . . . . . . . . . . . . . . 2
1.2 Goals for a Secure Internet Architecture . . . . . . . . . . . 9
I SCION Core Components 15
2 Overview 17
2.1 Infrastructure Components . . . . . . . . . . . . . . . . . . 20
2.2 Authentication . . . . . . . . . . . . . . . . . . . . . . . . 21
2.3 Control Plane . . . . . . . . . . . . . . . . . . . . . . . . . 23
2.4 Data Plane . . . . . . . . . . . . . . . . . . . . . . . . . . 28
2.5 ISD and AS Numbering . . . . . . . . . . . . . . . . . . . 31
3 Authentication 35
3.1 The Control-Plane PKI (CP-PKI) . . . . . . . . . . . . . . 36
3.2 DRKey: Dynamically Recreatable Keys . . . . . . . . . . . 52
3.3 SCION Packet Authenticator Option . . . . . . . . . . . . . 61
4 Control Plane 65
4.1 Path-Segment Construction Beacons (PCBs) . . . . . . . . 66
4.2 Path Exploration (Beaconing) . . . . . . . . . . . . . . . . 69
4.3 Path-Segment Registration . . . . . . . . . . . . . . . . . . 71
4.4 PCB and Path-Segment Selection . . . . . . . . . . . . . . 73
4.5 Path Lookup . . . . . . . . . . . . . . . . . . . . . . . . . 80
4.6 Service Discovery . . . . . . . . . . . . . . . . . . . . . . 87
4.7 SCION Control Message Protocol (SCMP) . . . . . . . . . 89
5 Data Plane 93
5.1 Inter- and Intra-domain Forwarding . . . . . . . . . . . . . 94
5.2 Packet Format . . . . . . . . . . . . . . . . . . . . . . . . 95
5.3 Path Authorization . . . . . . . . . . . . . . . . . . . . . . 96
5.4 The SCION Path Type . . . . . . . . . . . . . . . . . . . . 101
5.5 Path Construction (Segment Combinations) . . . . . . . . . 104
5.6 Packet Initialization and Forwarding . . . . . . . . . . . . . 115
5.7 Path Revocation . . . . . . . . . . . . . . . . . . . . . . . 120
5.8 Data-Plane Extensions . . . . . . . . . . . . . . . . . . . . 124
II Analysis of the Core Components 127
6 Functional Properties and Scalability 129
6.1 Dependency Analysis . . . . . . . . . . . . . . . . . . . . . 130
6.2 SCION Path Policy . . . . . . . . . . . . . . . . . . . . . . 135
6.3 Scalability Analysis . . . . . . . . . . . . . . . . . . . . . 148
6.4 Beaconing Overhead and Path Quality . . . . . . . . . . . . 150
7 Security Analysis 157
7.1 Security Goals and Properties . . . . . . . . . . . . . . . . 1587.2 Threat Model . . . . . . . . . . . . . . . . . . . . . . . . . 161
7.3 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . 162
7.4 Control-Plane Security . . . . . . . . . . . . . . . . . . . . 165
7.5 Path Authorization . . . . . . . . . . . . . . . . . . . . . . 170
7.6 Data-Plane Security . . . . . . . . . . . . . . . . . . . . . 172
7.7 Source Authentication . . . . . . . . . . . . . . . . . . . . 174
7.8 Absence of Kill Switches . . . . . . . . . . . . . . . . . . . 176
7.9 Other Security Properties . . . . . . . . . . . . . . . . . . . 179
7.10 Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . 181
III Achieving Global Availability Guarantees 183
8 Extensions for the Control Plane 185
8.1 Hidden Paths . . . . . . . . . . . . . . . . . . . . . . . . . 185
8.2 Time Synchronization . . . . . . . . . . . . . . . . . . . . 190
8.3 Path Metadata in PCBs . . . . . . . . . . . . . . . . . . . . 197
9 Monitoring and Filtering 203
9.1 Replay Suppression . . . . . . . . . . . . . . . . . . . . . . 204
9.2 High-Speed Traffic Filtering with LightningFilter . . . . . . 207
9.
Les informations fournies dans la section « Synopsis » peuvent faire référence à une autre édition de ce titre.
À propos de l?auteur
Laurent Chuat is a postdoctoral researcher in the Network Security Group at ETH Zurich, where most of his research focuses on authentication and public-key infrastructures. He obtained his PhD in computer science from ETH Zurich in 2020 and co-authored the book "SCION: A Secure Internet Architecture."
Markus Legner is a senior researcher and lecturer in the Network Security Group, where he is conducting research on the design and verification of security protocols. He holds a Bachelor's degree in computer science from ETH Zurich as well as a doctorate in theoretical physics.
David Basin is a professor of computer science at ETH Zurich and was head of the department from 2019 to 2020. David received his PhD in computer science from Cornell University in 1989 and his Habilitation in computer science from the University of Saarbrücken in 1996. From 1997 to 2002, he held the Chair of Software Engineering at the University of Freiburg in Germany. He is the founding director of the Zurich Information Security Center (ZISC).David Hausheer is a professor at the Faculty of Computer Science at Otto von Guericke University Magdeburg, where he leads the Networks and Distributed Systems Lab. He received his degree in electrical engineering from ETH Zurich in 2001. Since 2001, he participated in numerous European Union projects. He obtained his PhD in 2005 and was then employed as a senior researcher and lecturer in the Department of Informatics (IFI) at the University of Zurich.
Samuel Hitz holds a Master's degree in computer science from ETH Zurich and is the current CTO and previous CEO of Anapaya, which he co-founded with Adrian Perrig, David Basin, and Peter Müller. He has worked on the implementation of SCION and, together with Anapaya's customers, on the real-world deployment and operation of an enterprise-oriented SCION network.
Peter Müller has been a professor of computer science at ETH Zurich since 2008. Before joining ETH Zurich, he worked as an IT project manager at Deutsche Bank in Frankfurt and held a position as researcher at Microsoft Research. Peter Müller is working on programming languages, methods, and tools with the goal of enabling programmers to develop correct software.Adrian Perrig is a professor at the Department of Computer Science at ETH Zurich, where he leads the Network Security Group. He is also an adjunct professor of electrical and computer engineering at Carnegie Mellon University. From 2007 to 2012, he served as the technical director for Carnegie Mellon's CyLab. During that time, he led a research project aimed at building a next-generation Internet architecture, which was later renamed SCION.
Les informations fournies dans la section « A propos du livre » peuvent faire référence à une autre édition de ce titre.
Autres éditions populaires du même titre
Résultats de recherche pour The Complete Guide to Scion: From Design Principles...
Image d'archives
The Complete Guide to SCION: From Design Principles to Formal Verification (Information Security and Cryptography)
Edité par
Springer, 2022
ISBN 10 : 3031052870
ISBN 13 : 9783031052873
Ancien ou d'occasion
Couverture rigide
Vendeur : Fachbuch-Versandhandel, Freiburg, Allemagne
Évaluation du vendeur 5 sur 5 étoiles
Springer-Verlag, Hardcover, sehr guter Zustand, leichte Lagerspuren, Widmung im Vorsatz, Auflage 2022, h4. N° de réf. du vendeur ZQ-WUWE-ZB7K
Acheter D'occasion
EUR 54
Expédition à EUR 24,90
Expédition depuis Allemagne vers Etats-Unis
Expédition depuis Allemagne vers Etats-Unis
Quantité disponible : 1 disponible(s)
Image d'archives
The Complete Guide to SCION: From Design Principles to Formal Verification (Information Security and Cryptography) Chuat, Laurent; Legner, Markus; Basin, David; Hausheer, David; Hitz, Samuel; Müller, Peter and Perrig, Adrian
Edité par
Springer, 2022
ISBN 10 : 3031052870
ISBN 13 : 9783031052873
Ancien ou d'occasion
Couverture rigide
Vendeur : online-buch-de, Dozwil, Suisse
Évaluation du vendeur 5 sur 5 étoiles
Hardcover May 17, 2022. Etat : gebraucht; wie neu. Hardcover, neuwertig. N° de réf. du vendeur 84-3-37
Acheter D'occasion
EUR 71
Expédition à EUR 36
Expédition depuis Suisse vers Etats-Unis
Expédition depuis Suisse vers Etats-Unis
Quantité disponible : 1 disponible(s)
Image d'archives
Chuat:The Complete Guide to SCION (eng)
impression à la demandeVendeur : Brook Bookstore On Demand, Napoli, NA, Italie
Évaluation du vendeur 5 sur 5 étoiles
Etat : new. Questo è un articolo print on demand. N° de réf. du vendeur Y1JSJT0D8C
Acheter neuf
EUR 110,26
Expédition à EUR 11
Expédition depuis Italie vers Etats-Unis
Expédition depuis Italie vers Etats-Unis
Quantité disponible : Plus de 20 disponibles
Image d'archives
The Complete Guide to SCION: From Design Principles to Formal Verification (Information Security and Cryptography)
Vendeur : Lucky's Textbooks, Dallas, TX, Etats-Unis
Évaluation du vendeur 5 sur 5 étoiles
Etat : New. N° de réf. du vendeur ABLIING23Mar3113020035542
Acheter neuf
EUR 131,42
Expédition à EUR 3,43
Expédition nationale : Etats-Unis
Expédition nationale : Etats-Unis
Quantité disponible : Plus de 20 disponibles
Image fournie par le vendeur
Complete Guide to Scion : From Design Principles to Formal Verification
Vendeur : GreatBookPrices, Columbia, MD, Etats-Unis
Évaluation du vendeur 5 sur 5 étoiles
Etat : New. N° de réf. du vendeur 44532452-n
Acheter neuf
EUR 132,61
Expédition à EUR 2,27
Expédition nationale : Etats-Unis
Expédition nationale : Etats-Unis
Quantité disponible : Plus de 20 disponibles
Image d'archives
The Complete Guide to SCION: From Design Principles to Formal Verification (Information Security and Cryptography)
Vendeur : California Books, Miami, FL, Etats-Unis
Évaluation du vendeur 5 sur 5 étoiles
Etat : New. N° de réf. du vendeur I-9783031052873
Acheter neuf
EUR 147,84
Livraison gratuite
Expédition nationale : Etats-Unis
Expédition nationale : Etats-Unis
Quantité disponible : Plus de 20 disponibles
Image d'archives
The Complete Guide to SCION: From Design Principles to Formal Verification (Information Security and Cryptography)
Vendeur : Ria Christie Collections, Uxbridge, Royaume-Uni
Évaluation du vendeur 5 sur 5 étoiles
Etat : New. In. N° de réf. du vendeur ria9783031052873_new
Acheter neuf
EUR 135,68
Expédition à EUR 13,81
Expédition depuis Royaume-Uni vers Etats-Unis
Expédition depuis Royaume-Uni vers Etats-Unis
Quantité disponible : Plus de 20 disponibles
Image fournie par le vendeur
Complete Guide to Scion : From Design Principles to Formal Verification
Vendeur : GreatBookPricesUK, Woodford Green, Royaume-Uni
Évaluation du vendeur 5 sur 5 étoiles
Etat : New. N° de réf. du vendeur 44532452-n
Acheter neuf
EUR 135,67
Expédition à EUR 17,29
Expédition depuis Royaume-Uni vers Etats-Unis
Expédition depuis Royaume-Uni vers Etats-Unis
Quantité disponible : Plus de 20 disponibles
Image fournie par le vendeur
Complete Guide to Scion : From Design Principles to Formal Verification
Edité par
Springer, 2022
ISBN 10 : 3031052870
ISBN 13 : 9783031052873
Ancien ou d'occasion
Couverture rigide
Vendeur : GreatBookPrices, Columbia, MD, Etats-Unis
Évaluation du vendeur 5 sur 5 étoiles
Etat : As New. Unread book in perfect condition. N° de réf. du vendeur 44532452
Acheter D'occasion
EUR 154,56
Expédition à EUR 2,27
Expédition nationale : Etats-Unis
Expédition nationale : Etats-Unis
Quantité disponible : Plus de 20 disponibles
Image fournie par le vendeur
The Complete Guide to SCION
Edité par
Springer International Publishing Mai 2022, 2022
ISBN 10 : 3031052870
ISBN 13 : 9783031052873
Neuf
Couverture rigide
Vendeur : BuchWeltWeit Ludwig Meier e.K., Bergisch Gladbach, Allemagne
Évaluation du vendeur 5 sur 5 étoiles
Buch. Etat : Neu. This item is printed on demand - it takes 3-4 days longer - Neuware -When the SCION project started in 2009, the goal was to create an architecture offering high availability and security for basic point-to-point communication.In the five years since the publication ofSCION: A Secure Internet Architecture,this next-generation Internet architecture has evolved in terms of both design and deployment.On the one hand, there has been development of exciting new concepts and systems, including a new global time-synchronization system, an inter-domain approach for bandwidth reservations called COLIBRI, and Green Networking, which allows combating global climate change on three fronts. On the other hand, SCION is now also in production use by the Swiss financial ecosystem, and enables participants such as the Swiss National Bank, the Swiss provider of clearing services (SIX), and all Swiss financial institutes to communicate securely and reliably with each other via the Secure Swiss Finance Network.This unique guidebook provides an updated description of SCION's main components, covering new research topics and the most recent deployments. In particular, it presents in-depth discussion of formal verification efforts. Importantly, it offers a comprehensive, thorough description of the current SCION system:Describes the principles that guided SCION's design as a secure and robust Internet architectureProvides a comprehensive description of the next evolution in the way data finds its way through the InternetExplains how SCION can contribute to reducing carbon emissions, by introducing SCION Green NetworkingDemonstrates how SCION not only functions in academic settings but also works in production deploymentsDiscusses additional use cases for driving SCION's adoptionPresents the approaches for formal verification of protocols and codeIllustrated with many colorful figures, pictures, and diagrams, allowing easy access to the concepts and use casesAssembled by a team with extensive experience in the fields of computer networks and security, this text/reference is suitable for researchers, practitioners, and graduate students interested in network security. Also, readers with limited background in computer networking but with a desire to know more about SCION will benefit from an overview of relevant chapters in the beginning of the book. 680 pp. Englisch. N° de réf. du vendeur 9783031052873
Acheter neuf
EUR 139,09
Expédition à EUR 23
Expédition depuis Allemagne vers Etats-Unis
Expédition depuis Allemagne vers Etats-Unis
Quantité disponible : 2 disponible(s)