Design guidelines for robust Internet protocols

Authors: Tom Anderson, Scott Shenker, Ion Stoica, David Wetherall

DOI: 10.1145/774763.774783


Abstract: Robustness has long been a central design goal of the Internet. Much initial effort towards robustness focused on "fail-stop" model, where node failures are complete and easily detectable by other nodes. The Internet is quite robust against such failures, routinely surviving various catastrophes with only limited outages. This largely due to widespread belief in set guidelines for critical decisions as initiate recovery how maintain state. However, remains extremely vulnerable more arbitrary where, through either error or malice, issues syntactically correct responses that not semantically correct. Such some simple misconfigured routing state, can seriously undermine functioning With playing role global telecommunications infrastructure, this level vulnerability no longer acceptable. In paper we argue make these kinds need change way network protocols. To end, propose six improving protocol design. These emerged from study past examples determining what could have done prevent problem occurring first place. unifying theme behind protocols defensively, expecting malicious attack, misimplementation, misconfiguration at every turn.
