电信科学 ›› 2013, Vol. 29 ›› Issue (9): 55-59.doi: 10.3969/j.issn.1000-0801.2013.09.010

• 研究与开发 • 上一篇    下一篇

基于本地信任锚点管理的RPKI安全运行机制研究

马迪1,2,沈烁3   

  1. 1 互联网域名系统北京市工程研究中心 北京 100190
    2 北龙中网(北京)科技有限公司 北京 100190
    3 中国互联网络信息中心 北京 100190
  • 出版日期:2013-09-20 发布日期:2017-06-22

Study on RPKI Safeguard Based on Local Trust Anchor Management

Di Ma1,2,Shuo Shen3   

  1. 1 Internet Domain Name System Beijing Engineering Research Centre, Beijing 100190, China
    2 KNET Technologies Co., Ltd., Beijing 100190, China
    3 China Internet Network Information Centre, Beijng 100190, China
  • Online:2013-09-20 Published:2017-06-22

在线阅读

6

PDF下载

743

摘要:

摘要:基于互联网当前的码号资源(IPv4地址、IPv6地址和AS 号)分配体系,RPKI 的部署旨在提供一个认证互联网码号资源授权关系的平台,以构建一个安全的域间路由系统。RPKI的出现将域间路由系统安全由技术范畴迁移至运行管理范畴。为了应对RPKI的运行管理风险,一种称为RPKI本地信任锚点的技术应运而生。对基于本地信任锚点的RPKI安全运行机制进行了介绍,分析了该技术的不足,并梳理了RPKI安全运行机制范畴今后可能的研究方向。

关键词: 互联网码号资源管理, 域间路由安全, 网络管理, 网络运行

Abstract:

RPKI is a PKI designed to support validation of claims by current holders of internet number resources (IPv4 addresses, IPv6 addresses and AS numbers), which is employed to establish a secure inter-domain routing system. However, the deployment of RPKI has its own risks falling into the category of operations and management. To give countermeasures, local trust anchor management for RPKI was introduced to build RPKI safeguard. A brief introduction to RPKI safeguard based on local trust anchor management was given, its shortcomings were analyzed and hence the potential research points of RPKI safeguard for the coming future were presented.

Key words: internet number resources management, security of inter-domain routing, network management, network operation

No Suggested Reading articles found!