Accountable internet protocol (aip)

Andersen, David G.; Balakrishnan, Hari; Feamster, Nick; Koponen, Teemu; Moon, Daekyeong; Shenker, Scott

doi:10.1145/1402958.1402997

Cited by 175 publications

(119 citation statements)

References 21 publications

Supporting

Mentioning

118

Contrasting

Unclassified

Order By: Relevance

“…Recent work offers stronger protection than that offered by IP. For example, AIP [4] uses cryptographic identifiers as source addresses that can be used to verify that the host identified really did send the packet.…”

Section: Source Address Overloadmentioning

confidence: 99%

“…Accountability and Nothing But The Accountable Internet Protocol (AIP) [4] is a network architecture whose primary objective is accountability. Each host's endpoint identifier (EID) is the cryptographic hash of its public key, and AIP introduces two mechanisms that use these "selfcertifying" EIDs to hold hosts accountable.…”

Section: Previous Workmentioning

confidence: 99%

“…(Many research efforts explore self-certifying IDs [6,27,4,17] which are typically the hashes of a name or public key; we choose 20 bytes since SHA-1 produces 20 byte digests.) Entries identify flows at a host-host granularity, so each one is 120 bytes (two 60 byte addresses).…”

Section: Storage Overheadmentioning

confidence: 99%

“…As described in §3.1, our verify() and shutoff() mechanisms borrow heavily from AIP [4], which in turn based its mechanisms on ideas presented by Shaw [34] and in AITF [5]. By modifying these mechanisms to work with delegates, we make them privacy-preserving, enable long-term resolution, and avoid relying on self-certifying IDs.…”

Section: Related Workmentioning

confidence: 99%

See 3 more Smart Citations

Balancing accountability and privacy in the network

Naylor

Mukerjee

Steenkiste

2014

Proceedings of the 2014 ACM Conference on SIGCOMM

View full text Add to dashboard Cite

Though most would agree that accountability and privacy are both valuable, today's Internet provides little support for either. Previous efforts have explored ways to offer stronger guarantees for one of the two, typically at the expense of the other; indeed, at first glance accountability and privacy appear mutually exclusive. At the center of the tussle is the source address: in an accountable Internet, source addresses undeniably link packets and senders so hosts can be punished for bad behavior. In a privacy-preserving Internet, source addresses are hidden as much as possible.In this paper, we argue that a balance is possible. We introduce the Accountable and Private Internet Protocol (APIP), which splits source addresses into two separate fields -an accountability address and a return address -and introduces independent mechanisms for managing each. Accountability addresses, rather than pointing to hosts, point to accountability delegates, which agree to vouch for packets on their clients' behalves, taking appropriate action when misbehavior is reported. With accountability handled by delegates, senders are now free to mask their return addresses; we discuss a few techniques for doing so.

show abstract

Section: Source Address Overloadmentioning

confidence: 99%

Section: Previous Workmentioning

confidence: 99%

Section: Storage Overheadmentioning

confidence: 99%

Section: Related Workmentioning

confidence: 99%

See 2 more Smart Citations

Balancing accountability and privacy in the network

Naylor

Mukerjee

Steenkiste

2014

Proceedings of the 2014 ACM Conference on SIGCOMM

View full text Add to dashboard Cite

show abstract

“…Moreover, this reduces complexity of the hardware design. While changing the Internet's addressing structure would require substantial work to deploy, several next-generation routing techniques propose routing on fixed network identifiers rather than prefixes (including AIP [13], HLP [14]), and our virtual address space can be directly translated to AIP or HLP's network identifiers. If changing Internet addressing is not desirable, virtual supernet IDs may be translated to IPv4 prefixes.…”

Section: Simplify Lookupmentioning

confidence: 99%

Better by a HAIR: hardware-amenable Internet routing

Mochizuki¹,

Kiyak²,

Keller³

et al. 2011

Computer Networks

View full text Add to dashboard Cite

Abstract-Routing protocols are implemented in the form of software running on a general-purpose microprocessor. However, conventional software-based router architectures face significant scaling challenges in the presence of ever-increasing routing table growth and churn. Recent advances in programmable hardware and high-level hardware description languages provide the opportunity to implement BGP directly at the hardware layer. Hardware-based implementation allows designs to take advantage of the parallelization and customizability of the underlying hardware to improve performance. As a first step in this direction, we design and implement a hardware-based BGP architecture. To understand the challenges in doing this, we propose an architecture and logical design for the core components of BGP running as a logical circuit in an FPGA. We then enumerate sources of complexity and performance bottlenecks, and derive modifications to BGP that reduce complexity of hardware offloading. Our results based on update traces from core Internet routers indicate an order of magnitude improvement in processing time and throughput.

show abstract

Cooperation and end‐to‐end in the Internet

Kantola

Kabir

Loiseau

2017

Int J Communication

View full text Add to dashboard Cite

Summary This paper analyzes the motivation and strategies for ensuring cooperative behavior among hosts and customer networks in the Internet and 5G networks. The hypothesis is that better cooperation among the benevolent entities could improve the overall Internet welfare, motivating the need for adoption of cooperative security. However, in state of the art, the prevalent security approach in the Internet is based on self‐help, while the adoption of cooperative methods is progressing slowly. At the same time, the ubiquitous reliance on 5G and mission critical nature of some of the new services, for example, ultrareliable (machine‐to‐machine) communication and Internet of things, requires that 5G will do its best to curb the malicious (noncooperative) behavior from becoming a cause of failure to the legitimate services. In this paper, we relate our analysis of the conditions for sustainable cooperation in the Internet with the famous end‐to‐end principle, and present the hypothesis that there is no end‐to‐end solution to the problem of ensuring cooperation among Internet hosts. Game theory allows studying the outcomes of interactions among the players with conflicting interests. We use it to study the hypothesis and show that introducing the reputation of Internet nodes and customer networks can lead to cooperation, which improves the overall Internet welfare and reduces the payoffs of malicious actors. We study the possible response of noncooperative users with advanced defection strategies and the resulting outcomes. We argue that 5G shall make significant progress towards uprooting the selfish behavior and malicious activities using cooperation and relate it with motivation for providing ubiquitous connectivity and ultrareliable services. The paper concludes by summarizing our earlier work on the application of the proposed methods of cooperation to 5G and the Internet; outlining how cooperation in security is not only desirable but also feasible.

show abstract

Accountable internet protocol (aip)

Cited by 175 publications

References 21 publications

Balancing accountability and privacy in the network

Balancing accountability and privacy in the network

Better by a HAIR: hardware-amenable Internet routing

Cooperation and end‐to‐end in the Internet

Contact Info

Product

Resources

About