关键词: 域间路由 安全 策略 协议增强 监测 能力模型

Abstract:

Based on the thorough analysis of secure threats of interdomain routing systems, the paper proposes a systematic approach to improving system security , which integrates policy checker, protocol enhancement, router robustness design, .behavior monitoring and security testing. The security capability model of inter-domain routing is built, and the relations between different security methods and their deployment are discussed. The designs of some effic ient tools are also presented including configuration verifier, security tester and muting monitor.

Key words: inter-domain routing, security, policy, protocol enhancement, monitoring, capability model