Outline. XIA!Vision. P1:!Evolvable!Set!of!Principals. expressive Internet!Architecture Security!Architecture 5/26/2011. Security!

Similar documents
Outline. Predicting the Future is Hard! The expressive Internet Architecture: From Architecture to Network. We love all of them!

NSF Future Internet Architecture. Outline. Predicting the Future is Hard! The expressive Internet Architecture: from Architecture to Network

XIA: An Architecture for a Trustworthy and Evolvable Internet

XIA: An Architecture for a Trustworthy and Evolvable Internet

A Routing Infrastructure for XIA

Outline. Narrow Waist of the Internet Key to its Success. expressive Internet Architecture: Overview and Next Phase. Three Simple Ideas 9/13/2014

expressive Internet Architecture:

Narrow Waist of the Internet Key to its Success. NSF Future Internet Architecture. The expressive Internet Architecture: From Architecture to Network

XIA: Lessons Learned and Open Issues

SCION: Scalability, Control and Isolation On Next-Generation Networks

SharkFest'17 US. Experience with the expressive Internet Architecture. Peter Steenkiste Carnegie Mellon University

Future Internet CMU XIA & SCION

SCION: Scalability, Control and Isola2on On Next- Genera2on Networks

SCION: A Secure Multipath Interdomain Routing Architecture. Adrian Perrig Network Security Group, ETH Zürich

HIP Host Identity Protocol. October 2007 Patrik Salmela Ericsson

XIA: An Architecture for an Evolvable and Trustworthy Internet

XIA: Efficient Support for Evolvable Internetworking

SCION: PKI Overview. Adrian Perrig Network Security Group, ETH Zürich

CIS 6930/4930 Computer and Network Security. Topic 8.1 IPsec

Abstractions for Routing. Abstractions for Network Routing

Towards Deployment of a Next- Generation Secure Internet Architecture

This presentation covers Gen Z s Security capabilities.

SCION: A Secure Internet Architecture Samuel Hitz CTO Anapaya Systems ETH Zurich

A Policy Framework for a Secure

Usability, Security and Privacy

Trust. Trustworthiness Trusted. Trust: Who? What? When? Why? How?

Verified Secure Routing

Secure Routing for Mobile Ad-hoc Networks

Next Generation Network Architectures. Srinivasan Seshan!

A SIMPLE INTRODUCTION TO TOR

Deliverable D8.4 Certificate Transparency Log v2.0 Production Service

Adding Path Awareness to the Internet Architecture

Bootstrapping evolvability for inter-domain routing with D-BGP. Raja Sambasivan David Tran-Lam, Aditya Akella, Peter Steenkiste

A Polymorphic Network Architecture based on Autonomous Domains DIANA. Domain-Insulated Autonomous Network Architecture

Inter-domain routing validator based spoofing defence system

RCS OVERVIEW. Fábio Moraes GSMA October 2018 Future Networks Programme

Network Security: IPsec. Tuomas Aura

The Case for Separating Routing from Routers

Sanctuary Trail: Refuge from Internet DDoS Entrapment

Formal Methods for Assuring Security of Computer Networks

Network Security. Thierry Sans

Efficient and Secure Source Authentication for Multicast

SOLUTION BRIEF RSA NETWITNESS NETWORK VISIBILITY-DRIVEN THREAT DEFENSE

Transport Layer Security

Multi-Layered Security Framework for Metro-Scale Wi-Fi Networks

Architectural Principles of the Internet

EFFECTIVE SERVICE PROVIDER DDOS PROTECTION THAT SAVES DOLLARS AND MAKES SENSE

Security in ECE Systems

Open mustard seed. Patrick Deegan, Ph.D. ID3

Integrated Services. Integrated Services. RSVP Resource reservation Protocol. Expedited Forwarding. Assured Forwarding.

Security and Privacy in Computer Systems. Lecture 7 The Kerberos authentication system. Security policy, security models, trust Access control models

Important Lessons From Last Lecture Computer Networking. Outline. Routing Review. Routing hierarchy. Internet structure. External BGP (E-BGP)

COMPUTER NETWORK SECURITY

Based on material produced by among others: Sanjay Pol, Ashok Ramaswami, Jim Fenton and Eric Allman

Cryptography and Network Security

OS Security IV: Virtualization and Trusted Computing

Protecting DNS Critical Infrastructure Solution Overview. Radware Attack Mitigation System (AMS) - Whitepaper

Blockchain for Enterprise: A Security & Privacy Perspective through Hyperledger/fabric

Steven M. Bellovin AT&T Labs Research Florham Park, NJ 07932

Old, New, Borrowed, Blue: A Perspective on the Evolution of Mobile Platform Security Architectures

Executive Summary. (The Abridged Version of The White Paper) BLOCKCHAIN OF THINGS, INC. A Delaware Corporation

VMworld disclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no

Fixed Internetworking Protocols and Networks. IP mobility. Rune Hylsberg Jacobsen Aarhus School of Engineering

Network Security. Security of Mobile Internet Communications. Chapter 17. Network Security (WS 2002): 17 Mobile Internet Security 1 Dr.-Ing G.

Lecture 18: Border Gateway Protocol

Advanced iscsi Management April, 2008

ACS-3921/ Computer Security And Privacy. Chapter 9 Firewalls and Intrusion Prevention Systems

Active Directory trust relationships

Lecture 17: Border Gateway Protocol

IHE Change Proposal. Tracking information: Change Proposal Status: Date of last update: Sep 13, 2018 Charles Parisot, Vassil Peytchev, John Moehrke

Direct, DirectTrust, and FHIR: A Value Proposition

eid Interoperability for PEGS WS-Federation

Packet Switching. Packet Switching What Issues Will We Focus On? COMP Jasleen Kaur. September 2, Networked and Distributed Systems

Wireless Network Security Spring 2015

Operational Security Requirements or Give Us The Knobs We Need

Provisioning secure Identity for Microcontroller based IoT Devices

Next Week. Network Security (and related topics) Project 3 Q/A. Agenda. My definition of network security. Network Security.

Network Security (and related topics)

5 OAuth EssEntiAls for APi AccEss control layer7.com

Cryptography and Network Security Chapter 1

05 - WLAN Encryption and Data Integrity Protocols

Fundamental Questions to Answer About Computer Networking, Jan 2009 Prof. Ying-Dar Lin,

Automotive Security An Overview of Standardization in AUTOSAR

Internetwork Expert s CCNA Security Bootcamp. Mitigating Layer 2 Attacks. Layer 2 Mitigation Overview

Introduction to Network Security Missouri S&T University CPE 5420 Data Integrity Algorithms

Lecture 16: Border Gateway Protocol

Configuring F5 for SSL Intercept

Advanced Systems Security: Principles

CSE 461: Bridging LANs. Last Topic

A Future Internet Architecture Based on De-Conflated Identities

Autokey Version 2 Specification

Upcoming EC Systems Research Perspectives

Internet Indirection Infrastructure

Authenticated Storage Using Small Trusted Hardware Hsin-Jung Yang, Victor Costan, Nickolai Zeldovich, and Srini Devadas

Office Hours and Locations. Vyas: Th 15:30--17:00 or by appointment, CIC 2122 Zach: Mon 17:00--18:00, CIC 2214 Tiffany: Tu 16:00--17:00, CIC 2214

Intel Unite Solution 3.0 and Protected Guest Access. Security Development Summary

M. AMBROSIN ET AL. 1. Security and Privacy Analysis of NSF Future Internet Architectures

SENSS Against Volumetric DDoS Attacks

CSCE 715: Network Systems Security

Internet Research Task Force (IRTF) Category: Informational May 2011 ISSN:

Transcription:

expressive Internet!Architecture Security!Architecture Dave!Andersen,!Adrian!Perrig,!Peter!Steenkiste David!Eckhardt,!Sara!Kiesler,!Jon!Peha,!Srini Seshan,! Marvin!Sirbu,!Hui Zhang Carnegie!Mellon!University Aditya Akella,!University!of!Wisconsin JohnByers John!Byers,!Boston!UniversityBoston Brief!XIA!overview Security!architecture Outline Requirements XIA!principles!and!concepts Supporting!basic!security!properties Security!research!overviewresearch FIA!PI!meeting Oakland,!May!25"26,!2011 1 2 XIA!Vision We!envision!a!future!Internet!that: Is!trustworthy Security!broadly!defined!is!the!biggest!challenge d d i th bi t h ll Supports!long"term!evolution!of!usage!models Including!host"host,!content!retrieval,!services,!! Supports!long!term!technology!evolution Not!just!for!link!technologies,!but!also!for!storage!and! computing!capabilities!in!the!network!and!end"points p p Allows!all!actors!to!operate!effectively Despite!differences!in!roles,!goals!and!incentives P1:!Evolvable!Set!of!Principals Specifying!intent!allows!future!network! support!to!optimize!performance,!efficiencyto optimize performance, efficiency No!need!to!force!all!communication!at!a!lower! level!(hosts),!as!in!today s!internet Allows!the!network!to!evolve Content a581fe9... Services d9389fa Security central to all four aspects! 3 Host 024e881 Future Entities 39c0348 4 1

P2:!Security!as!Intrinsic!as!Possible Security!properties!are!a!direct!result!of!the! design!of!the!system Do!not!rely!on!correctness!of!external! configurations,!actions,!data!bases Malicious!actions!can!be!easily!identified Host 024e881 Content a581fe9... Services d9389fa Future Entities 39c0348 5 Other!XIA!Principles Narrow!waist!for!trust!management Intrinsically!secure!identifiers!must!match!the!usersecure identifiers match the user s!trust! assumptions!and!intensions Narrow!waist!allows!leveraging!diverse!mechanisms!for! trust!management:!cas,!reputation,!personal,! Narrow!waist!for!all!principals Defines!the!API!between principals!and network!protocol! mechanisms All!other!network!functions!are!explicit!services XIA!provides!a!principal!type!for!services!(visible) Keeps!the!architecture!simple!and!easy!to!reason!about 6 XIA:!eXpressive Internet!Architecture Each!communication!operation!expresses intent!of operations Also:!explicit!trust!management,!APIs!among! actors XIA!is!a!single!inter"network!in!which!all! principals!are!connected Not!a!collection!of!architectures!implemented! of architectures implemented through,!e.g.,!virtualization!or!overlays Not!based!on!a! preferred!principal!(host!or! content),!that!has!to!support!all!communication What!Do!We!Mean!by!Evolvability? Narrow!waist!of!the!Internet!has!allowed!the! network!to!evolve!significantlyto evolve But!need!to!evolve!the!waist!as!well! Can!make!the!waist!smarter IP: Evolvability of: Applications Link technologies XIA adds evolvability at the waist: Applications Evolving set of principals Link technologies 7 8 2

Evolvability Introduction!of!a!new!principal!type!must!be! incremental! no! flag!day! Not!all!routers!and!ISPs!will!provide!support!from!day!one No!universal!connectivity Some!ISPs!may!never!support!certain!principal!types Solution!is!to!provide!an!. intent and!fallback address CID Intent!address!allows!in" AD:HID network!!optimizations!based! AD:HID on!user!intent. Fallback!address!is!guaranteed! Payload to!be!reachable 9 Generalizing!Evolvable! Address!Format Use!a!directed!acyclic!graph!to!represent!address Router!traverses!the!DAG! traverses the Priority!among!edges AD 1 AD 2 Fallback DAG!format!supports!many!addressing!styles Shortcut!routing,!binding,!source!routing,!infrastructure! evolution,!.. Common!case:!small!dag,!most!routers!look!at!one!XID CID Intent 10 XIA!Security!in!the!Real!World? Relationship!among!providers Impact!of!multiple!principals,!new!routing! multipleprincipals new routing paradigms,!etc.!on!economic!incentives Net!neutrality,!audit!trails!for!billing!purposes,! Interfaces!for!applications!and!users User s!trust!in! the!network!affects!what!tasks! they!are!willing!to!use!it!for: i What!makes!people!trust!information!they!obtain?! Why!would!they!make!data!available? What!about!privacy? 11 XIA!Components!and!Interactions "Network!!User"Network Network" Host Support Users Applications Content Support Services Services Support expressive Internet!Protocol Intrinsic Security rthy!network!operation Trustwor 12 3

Trust Management Network Operations Cross"Cutting!Themes!are Heavy!on!Security User trust Incentives Provider Relationships Forwarding Trust Policy Users Core!! Network Transparency Control Privacy Control Points Policy and! Economics Verifiable Actions Brief!XIA!overview Security!architecture Outline Requirements XIA!principles!and!concepts Supporting!basic!security!properties Security!research!overviewresearch 13 14 XIA!Security A!key!feature!of!XIA!is!flexibility, thus,!the! architecture!can!be!extended!in!ways!we! t t d i cannot!anticipate XIA!security depends!on Underlying!architecture XIA!extension!principals!and!mechanisms principalsand Specific!extensions!future!designers!choose Consequently,!detailed!security!analysis! depends!on!specific!principal!types 15 XIA High"Level!Security!Goals Support!today's!Internet"style!host"to"host! communication!with!drastically!improved! improved security Provide improved!security!for!two!classes!of! communication!we!anticipate!being! important:!content!retrieval!&!accessing! services Provide groundwork!for!future!extensions!to! make!good!decisions!w.r.t.!security!and! availability 16 4

Main!Security!Properties Availability Communication!availability!(hosts!and!services) Finding!nearby!contents!and!services Defenses!against!DoS attacks Authenticity!/!integrity Authentication!of user,!host,!domain,!service,!content Authentication!and!Accountability Both!authorization!and!deterrence,!respectively and deterrence, respectively Secrecy!of!identity,!anonymity,!privacy Sender!/!receiver!privacy!if!desired Trust!management How!to!set!up!trust!relations,!roots!of!trust XIA!Security! Design!Principles Well"foundedness:!Identifiers,!associations!match! user s!intent t Fault!isolation:!Good!design!reduces!dependencies,!! insulates!correct!portions!of!network!operation!from! incorrect/malicious Fine"grain!control:!Allow!users!to!specify!their!intent Explicit!chain!of!trust:!Allow!users!to!understand!the! basis!for!trust,!underlying!assumptions 18 Security"relevant!XIA!Mechanisms Multiple!principal!types Intrinsically!secure!identifiers i id ifi Flexible!trust!management 19 Security"Relevant!XIA!Mechanisms Multiple!Principal!Types Hosts!XIDs!support!host"based!communication! (like!ip)! Who!is!talking? Service!XIDs!route!to!(possibly!replicated)!services Identify!what!the!service!does!and!who!provides!it Content!XIDs!specify!specific!chunks!of!content p Identify!what!the!content!is Autonomous!domains!allow!scoping,!hierarchy Intrinsically!Secure!Identifiers Flexible!Trust!Management 20 5

Security"Relevant!XIA!Mechanisms Multiple!principal!types Intrinsically!secure!identifiers Self"certifying!or!self"verifiable!identifiers Guarantee!security!properties!once!you!know!the!ID e.g.,!host!xid!is!hash(public!key) Knowing!host!ID,!can!validate!public!key,!and!bootstrap! signatures!&!encryption Content!ID!is!a!hash!of!the!content! correctness Does!not!rely!on!external!configuration Key!question:!Bridging!from! human!id!to!intrinsic!id!.. Flexible!trust!management 21 Security"Relevant!XIA!Mechanisms Multiple!principal!types Intrinsically!secure!identifiers Flexible!trust!management Name!resolution:!!Name!">!secure!XID Trust!bootstrapping!between!communicating!entities Should!support!many!sources!of!trust:!!CAs,!DNSSEC" like!mechanisms,!pgp!model,! perspectives "like! trust!models,!physical!interaction,!etc. Goal:!!Create!a! Narrow!waist!" minimal!/!flexible!api!for! trust!management Needs!to!involve!users;!!how!to!communicate!relevant! information!and!decisions? 22 Design Principles Allow verification of integrity at the highest semantic level possible Make integrity intrinsic so that it s easy for any component in the system to verify XIA Mechanisms Multiple!principal!types Allow!users!to!express!highest"level!intent Intrinsically!secure!principals Verify!that!your!intent!was!actually!met Flexible!trust!management Allow!many!ways!to!bootstrap!trust!from!human" level!id!to!intrinsically!secure!id 6

Per-principal integrity IP!expresses:!!Packet!P!from!host!A!to!B IPSec!can!sign!contents!of!packet XIA!expresses: Content!!!ID!=!hash(content) Integrity:!!Verify!hash Services!&!hosts!!!ID!=!hash(service public!key) Integrity:!!Verify!signature Future!types!!!ID!=!<your!idea!here> Design Principle Choice of path, source + replication provide robustness Source 1 Receiver Can survive failure/dos of any one link or server Source 2 (More on resource isolation later in talk) XIA Mechanisms Multiple!principal!types Any!source!that!has!the!capability!to!satisfy!your! intent!can!do!so. Intrinsically!secure!principals Satisfy!intent!even!from!untrusted sources Flexible!trust!management Fallback!mechanisms!for!trust!establishment,!e.g.,! out"of"band!via!cellphone,!etc. Content Example Express!intent:!!Content!ID!CID Retrieve!from!any!cache,!Akamai replica,!origin! server,!or!your!neighbor Your!intent!is!content,!not!a!particular!source... Use!of!replication!require!integrity:!Detect!fake! i i i i fk source!by!checking!the!hash Need!mechanism!to!then!avoid!that!source!for! the!next!request!is!valid 7

Next few years question: Service Replication Hash(service!public!key) Any!replica!that!knows!private!key!can!provide!service Easy!step:!!Accessing!already"replicated!services Future:!!Combine!with!trusted!computing!to!create!a! TrustedCDN for!wide"area,!mutually!isolated!service! replication? XIA Mechanisms Multiple!principal!types Expresses!user s!intent Expressiveness!versus!revealing!intent Intrinsically!secure!principals If!you!know!the!sender/receiver!ID,!you!know!a! ID k key!to!use!for!encryption Flexible!trust!management Provide!many!ways!to!reliably!obtain that!id XIA Mechanisms Multiple principal types Higher semantic level may provide stronger level of accounting Intrinsically secure principals Authentication per principal type Provides a basis for irrefutable, verifiable statements, e.g., audit trails Flexible trust management Scope which IDs we trust and how Multiple Principals Intrinsic Security Flexible Trust Management 8

Example!of!Secure!Mobile! Service!Access X AD BoF SID BOF! S2 Server S: HID S SID BoF AD BoF :SID BoF AD C Server S2: HID S2 SID BoF Register bof.com -> AD BOF :SID BOF XIA!Internet AD C2 SID Resolv bof.com! AD BOF :SID BOF Brief!XIA!overview Security!architecture Outline Requirements XIA!principles!and!concepts Supporting!basic!security!properties Security!research!overviewresearch Client C: HID C SID C Client C: HID C SID C Name Resolution Service 33 34 Security!Focus!for!XIA XIA!Security"related!Research Important!network!security!aspects Core!network!security!properties Trust!management Trustworthy!network!operations,!provider" provider!relations,!public!policy User!trust!in!the!network Deemphasized!areas:!host!security,!DRM Hope!to!learn!from!teams!working!on!these!topics Network Ops Provider" Provider Comm. Trust! Management Narrow!Waist XIA!based!core!network Multiple!Principal!Types Intrinsic!Security Users Secure! User Comm. 35 36 9

Initial!Results XIA!Security!in!the!Real!World Trust!management User!trust!in!the!network Enable!content!delivery SCION:!network!level!resource!isolation!and! path!selection Flexible!Trust!Management How!can!users!establish!trust!in!Internet! entities!and!resources? Service,!data,!content!provider Individuals!(email!address,!Twitter!data,!etc.) Flexible!approaches Leverage!existing!PKI!mechanismexisting PKImechanism Perspectives:!age"based!trust Usage"based!trust:!social!network"based!trust Local!trust!establishment!between!users 37 38 Who!is!the!User? Traditional!focus!of!network API!is!to!support!robust! application!development Users!do!not!directly interact!with!network XIA!Internet Application Network API Separate!user!view!from!application!API A!broader!perspective!on!what!people!know! p p p about!internet!behavior!at!different!levels Network,!other!users,!third!parties,!etc. How!Users!See! Information!Dissemination Visibility!of!users,!transactions,!and!content! changes! Source Dissemination Feedback i Access User 39 10

Trust!Management!Example Users!are!interested!in!common!identities! across!sites,!services,!organization,!etc. i i ti t However,!anonymity!important!in!some!contexts Can!improve!trust!in!content E.g.,!Wikipedia!article!authored!by!a!NYT! journalist Also!of!interest!to!service!providers Can!simplify!tracking!interests,!managing!joint! promotions,!etc. But!may!be!perceived!differently!by!users 41 Supporting!Content!Delivery Today s!cdns!are!based!on!contracts!between!cdn!and!a! relatively!small!number!of!customers Contract!is!basis!for!trust CIDs!open!the!door!for!widespread!use!of!caches,!but! d f h what!are!the!economic!incentives!for!!deploying!caches!in! different!types!of!networks? Reducing!cost Potentially!new!revenue!streams:!publisher!payments What!security!protocols!are!needed!to!support! economically!viable!deployment? Tracking!cache!hits!in!verifiable!way How!to!scale!contract!establishment!to!XIA!distribution!model 42 SCION!Architectural!Goals Scalability,!Control,!and!Isolation!on!Next"generation!networks! (SCION) High!availability,!even!for!networks!with!malicious!parties Explicit!trust!for!network!operations Minimal!TCB:!limit!number!of!entities!that!need!to!be!trusted! for!any!operation Strong!isolation!from!untrusted parties Operate!with!mutually!distrusting!entities No!single!root!of!trust Enable!route!control!for!ISPs,!receivers,!senders Simplicity,!efficiency,!flexibility,!and!scalability 43 " Localization!of!attacks Wish!List!(1):!Isolation " Scalable!and!reliable!routing!updates " Operate!with!mutually!distrusting!entities!without!a!global!single!root!of!trust A! B D C Attacks (e.g.,!bad!routes)! M! L3! PSC CMU I2 44 11

Wish!List!(2):!Balanced!Control Wish!List!(3):!Explicit!Trust " Source:!select!paths!to!send!packets " Destination:!select!paths!to!receive!packets selectpaths to packets " Transit!ISPs:!select!paths!to!support " Support!rich!policies!and!DDoS!defenses!!! " Know!who!needs!to!be!trusted " Select!whom!to!trust to trust " Confidence!in!selected!paths " Enforceable!accountability!!! X Y Z Internet A B D Hide!the!peering! link!from!cmu C Please!reach!me! Use!Level!3! via!a!or!b by!default L3 PSC I2 CMU 45 45 Level!3 Who!will!forward Go!through!X!and!Z,! Packets!on!the!path? but!not!y PSC CMU I2 46 SCION!Architectural!Goals High!availability,!even!for!networks!with!malicious!parties Explicittrust Explicit!trust!for!network!operations operations Minimal!TCB:!limit!number!of!entities!that!need!to!be!trusted! for!any!operation Strong!isolation!from!untrusted!parties Operate!with!mutually!distrusting!entities No!single!root!of!trust Enable!route!control!for!ISPs,!receivers,!senders Simplicity,!efficiency,!flexibility,!and!scalability SCION!Architecture!Overview " Trust!domain!(TD)s TD path!srv # Isolation!and!scalabilityand scalability S:!blue!paths D:!red!paths " Path!construction TD!Core PCB PCB PCB # Path!construction! beacons!(pcbs) " Path!resolution # Control # Explicit!trust " Route!joining!(shortcuts) # Efficiency,!flexibility Source Destination 47 48 12

Hierarchical!Decomposition " Split!the!network!into!a!set of!trust!domains!(td) TD:!isolation!of!route! t TD!cores:!interconnected! t computation large!isps core core Down"paths Up"paths Path!Construction :!interface :!Opaque!field :!expiration!time :!signature =!!!!!! MAC(!!!!!!!) TD!Core =!SIG(!!!!!!!!!!!!!!!!!) PCB =!!!!!!!!!!!MAC(!!!!!!!!!!!!!!!!!) PCB A =!SIG(!!!!!!!!!!!!!!!!!!!!!!!!!!!) AD:!atomic! failure!unit Destination Source 49 =!!!!!!!!!!!MAC(!!!!!!!!!!!!!!!!!) =!SIG(!!!!!!!!!!!!!!!!!!!!!!!!!!!) Embed!into!pkts PCB B PCB C 50 Isolation SCION!Security!Benefits Scalability, freshness Path replay attack Collusion attack Single root of trust Trusted Computing Base Path Control S-BGP etc Whole Internet SCION TD Core and on-path ADs Source End-to-end control Only up-path Destination No control Inbound paths DDoS Open attacks Enable defenses Ongoing!and!Future!Work Study!security!interactions!among!principal! types Availability!for!content!and!service!types Accountability!for!content!origin Mechanisms!for!trust!management Support!transparency!for!users Privacy!/!anonymity:!in"network,!overlay,! 51 52 13

Conclusions Core!XIA security!mechanisms! Intrinsically!secure!identifiers Multiple!principal!types Flexible!trust!management!help!support!basic!security!properties Integrity,!secrecy,!availability,!accountability Used!as!the!basis!for!security!protocols! supporting!trustworthy!network!operations! and!to!improve!user!trust SCION,!caching,!improving!user!trust,! 53 14

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback