research-article

Free access

The SCION internet architecture

Authors:

Raphael M. Reischuk,

Pawel SzalachowskiAuthors Info & Claims

Communications of the ACM, Volume 60, Issue 6

Pages 56 - 65

https://doi.org/10.1145/3085591

Published: 24 May 2017 Publication History

All formats PDF

Abstract

Adhering to the end-to-end principle even more than the current Internet yields highly available point-to-point communication.

References

[1]

Abadi, M., Birrell, A., Mironov, I., Wobber, T., and Xie, Y. Global authentication in an untrustworthy world. In Proceedings of the 14^th Workshop on Hot Topics in Operating Systems (Santa Ana Pueblo, NM, May 13--15). Usenix Association, Berkeley, CA, 2013.

Digital Library

[2]

American Registry for Internet Numbers. Resource Public Key Infrastructure (RPKI); https://www.arin.net/resources/rpki/

[3]

Andersen, D.G., Balakrishnan, H., Feamster, N., Koponen, T., Moon, D., and Shenker, S. Accountable Internet Protocol (AIP). In Proceedings of ACM SIGCOMM (Seattle, WA, Aug. 17--22). ACM Press, New York, 2008.

Digital Library

[4]

Andersen, D.G., Balakrishnan, H., Kaashoek, M.F., and Morris, R. Resilient overlay networks. In Proceedings of the ACM Symposium on Operating Systems Principles (Chateau Lake Louise, Banff, Canada, Oct. 21--24). ACM Press, New York, 2001.

Digital Library

[5]

Arends, R., Austein, R., Larson, M., Massey, D., and Rose, S. DNS Security Introduction and Requirements. RFC 4033 (Proposed Standard), 2005; https://www.ietf.org/rfc/rfc4033.txt

[6]

Basescu, C., Reischuk, R.M., Szalachowski, P., Perrig, A., Zhang, Y., Hsiao, H.-C., Kubota, A., and Urakawa, J. SIBRA: Scalable Internet Bandwidth Reservation Architecture. In Proceedings of Network and Distributed System Security Symposium (San Diego, CA, Feb. 21--24). Internet Society, Reston, VA, 2016.

[7]

Basin, D., Cremers, C., Kim, T. H.-J., Perrig, A., Sasse, R., and Szalachowski, P. ARPKI: Attack Resilient Public-Key Infrastructure. In Proceedings of the ACM Conference on Computer and Communications Security (Scottsdale, AZ, Nov. 3--7). ACM Press, New York, 2014.

Digital Library

[8]

BBC News. Asia communications hit by quake. Dec. 27, 2006; http://news.bbc.co.uk/2/hi/asia-pacific/6211451.stm

[9]

Brown, M. Pakistan Hijacks YouTube; http://research.dyn.com/2008/02/pakistan-hijacks-youtube-1/

[10]

Chen, C., Asoni, D., Barrera, D., Danezis, G., and Perrig, A. HORNET: High-speed onion routing at the network layer. In Proceedings of the ACM Conference on Computer and Communications Security (Denver, CO, Oct. 12--16). ACM Press, New York, 2015.

Digital Library

[11]

Dübendorfer, T., Wagner, A., and Plattner, B. An economic damage model for large-scale Internet attacks. In Proceedings of the 13^th IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises (University of Modena and Reggio Emilia, Italy, June 14--16). IEEE Press, 2004.

Digital Library

[12]

Electronic Frontier Foundation. SSL Observatory, 2010; https://www.eff.org/observatory

[13]

Farinacci, D., Fuller, V., Meyer, D., and Lewis, D. The Locator/ID Separation Protocol (LISP). RFC 6830, 2013; https://tools.ietf.org/html/rfc6830

[14]

Han, D., Anand, A., Dogar, F., Li, B., Lim, H., Machado, M., Mukundan, A., Wu, W., Akella, A., Andersen, D.G., Byers, J.W., Seshan, S., and Steenkiste, P. XIA: Efficient support for evolvable internetworking. In Proceedings of the Ninth USENIX Symposium on Networked Systems Design and Implementation (San Jose, CA, Apr. 25--27). USENIX Association, Berkeley, CA, 2012.

Digital Library

[15]

Jacobson, V., Smetters, D.K., Thornton, J.D., Plass, M.F., Briggs, N.H., and Braynard, R.L. Networking named content. In Proceedings of the Fifth International Conference on Emerging Networking Experiments and Technologies (Rome, Italy, Dec. 1--4). ACM Press, New York, 2009.

Digital Library

[16]

Katz-Bassett, E., Scott, C., Chones, D., Cunha, I., Valancius, V., Feamster, N., Madhyastha, H., Anderson, T., and Krishnamurthy, A. LIFEGUARD: Practical repair of persistent route failures. In Proceedings of ACM SIGCOMM (Helsinki, Finland, Aug. 13--17). ACM Press, New York, 2012.

Digital Library

[17]

Kim, T. H., Basescu, C., Jia, L., Lee, S.B., Hu, Y., and Perrig, A. Lightweight source authentication and path validation. In Proceedings of ACM SIGCOMM (Chicago, IL, Aug. 17--22). ACM Press, New York, 2014.

Digital Library

[18]

Kushman, N., Kandula, S., and Katabi, D. Can you hear me now? It must be BGP. ACM SIGCOMM Computer Communication Review 37, 2 (Apr. 2007), 75--84.

Digital Library

[19]

Lepinski, M. and Turner, S. An Overview of BGPsec. IETF draft, May 8, 2012; http://tools.ietf.org/html/draft-ietf-sidr-bgpsec-overview-02

[20]

Matsumoto, S., Reischuk, R.M., Szalachowski, P., Kim, T.H.-J., and Perrig, A. Authentication challenges in a global environment. ACM Transactions on Privacy and Security 20, 1 (Feb. 2017), 1--34.

Digital Library

[21]

Palo Alto Research Center. The CCNx Project (Content-Centric Networking); http://blogs.parc.com/ccnx/

[22]

Perrig, A., Szalachowski, P., Reischuk, R.M., and Chuat, L. SCION: A Secure Internet Architecture. Springer, Berlin, Germany, 2017.

[23]

Raychaudhuri, D., Nagaraja, K., and Venkataramani, A. MobilityFirst: A robust and trustworthy mobility-centric architecture for the future Internet. ACM SIGMOBILE Mobile Computing and Communications Review 16, 3 (July 2012), 2--13.

Digital Library

[24]

Sahoo, A., Kant, K., and Mohapatra, P. BGP convergence delay under large-scale failures: Characterization and solutions. Computer Communications 32, 7 (May 2009), 1207--1218.

Digital Library

[25]

Saltzer, J.H., Reed, D.P., and Clark, D.D. End-to-end arguments in system design. ACM Transactions on Computer Systems 2, 4 (Nov. 1984), 277--288.

Digital Library

[26]

Schuchard, M., Vasserman, E.Y., Mohaisen, A., Kune, D.F., Hopper, N., and Kim, Y. Losing control of the Internet: Using the data plane to attack the control plane. In Proceedings of the Network and Distributed System Security Symposium (San Diego, CA, Feb. 6--9). Internet Society, Reston, VA, 2011.

[27]

Toonk, A. Massive route leak causes Internet slowdown. BGPmon, June 12, 2015; http://www.bgpmon.net/massive-route-leak-cause-internet-slowdown/

[28]

Zhang, X., Hsiao, H.-C., Hasker, G., Chan, H., Perrig, A., and Andersen, D.G. SCION: Scalability, control, and isolation on next-generation networks. In Proceedings of IEEE Symposium on Security and Privacy (Oakland, CA, May 22--25). IEEE Press, 2011.

Digital Library

Cited By

Zhang ZXiao GSong SCan Aygun RStavrou AZhang LOsterweil E(2025)Revealing Protocol Architecture’s Design Patterns in the Volumetric DDoS Defense Design SpaceIEEE Communications Surveys & Tutorials10.1109/COMST.2024.339225327:1(353-371)Online publication date: Feb-2025
https://doi.org/10.1109/COMST.2024.3392253
Schulz LGallrein FHausheer D(2024)Unlocking Path Awareness for Legacy Applications through SCION-IP Translation in eBPFProceedings of the ACM SIGCOMM 2024 Workshop on eBPF and Kernel Extensions10.1145/3672197.3673437(68-70)Online publication date: 4-Aug-2024
https://dl.acm.org/doi/10.1145/3672197.3673437
Cao YYu STan XH.K. Tsang D(2024)Competitive Online Path-Aware Path SelectionACM SIGMETRICS Performance Evaluation Review10.1145/3649477.364949851:4(66-72)Online publication date: 23-Feb-2024
https://dl.acm.org/doi/10.1145/3649477.3649498
Show More Cited By

Index Terms

The SCION internet architecture

Recommendations

Internet Censorship
Security Architecture of Computer Communication System Based on Internet of Things
ICASIT 2020: Proceedings of the 2020 International Conference on Aviation Safety and Information Technology

In large-scale service collaboration environment, security and privacy protection are the main factors affecting the development of IoT service applications. The security and privacy requirements of IoT services mainly focus on three aspects: secure ...
SCION: A Secure Internet Architecture

Comments

Information & Contributors

Information

Published In

cover image Communications of the ACM

Communications of the ACM Volume 60, Issue 6

June 2017

93 pages

ISSN:0001-0782

EISSN:1557-7317

DOI:10.1145/3098997

Editor:
Moshe Y. Vardi
Association for Computing Machinery, New York, NY

Issue’s Table of Contents

Copyright © 2017 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 24 May 2017

Published in CACM Volume 60, Issue 6

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Qualifiers

Research-article
Popular
Refereed

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

46
Total Citations
View Citations
5,422
Total Downloads

Downloads (Last 12 months)360
Downloads (Last 6 weeks)36

Reflects downloads up to 22 Feb 2025

Other Metrics

View Author Metrics

Citations

Cited By

Zhang ZXiao GSong SCan Aygun RStavrou AZhang LOsterweil E(2025)Revealing Protocol Architecture’s Design Patterns in the Volumetric DDoS Defense Design SpaceIEEE Communications Surveys & Tutorials10.1109/COMST.2024.339225327:1(353-371)Online publication date: Feb-2025
https://doi.org/10.1109/COMST.2024.3392253
Schulz LGallrein FHausheer D(2024)Unlocking Path Awareness for Legacy Applications through SCION-IP Translation in eBPFProceedings of the ACM SIGCOMM 2024 Workshop on eBPF and Kernel Extensions10.1145/3672197.3673437(68-70)Online publication date: 4-Aug-2024
https://dl.acm.org/doi/10.1145/3672197.3673437
Cao YYu STan XH.K. Tsang D(2024)Competitive Online Path-Aware Path SelectionACM SIGMETRICS Performance Evaluation Review10.1145/3649477.364949851:4(66-72)Online publication date: 23-Feb-2024
https://dl.acm.org/doi/10.1145/3649477.3649498
He ABu KHuang JPang YGu QRen K(2024)SwiftParade: Anti-Burst Multipath ValidationIEEE Transactions on Dependable and Secure Computing10.1109/TDSC.2023.331545721:4(2720-2734)Online publication date: 1-Jul-2024
https://dl.acm.org/doi/10.1109/TDSC.2023.3315457
Kyung SBaek JAhn G(2024)Unveiling SDN Controller Identity through Timing Side Channel2024 15th International Conference on Network of the Future (NoF)10.1109/NoF62948.2024.10741434(169-177)Online publication date: 2-Oct-2024
https://doi.org/10.1109/NoF62948.2024.10741434
Martinello MGomes RBorges ELayber HBonella VDominicini CGuimarães RRibeiro MBarcellos M(2024)PathSec: Path-Aware Secure Routing with Native Path Verification and Auditability2024 IEEE Conference on Network Function Virtualization and Software Defined Networks (NFV-SDN)10.1109/NFV-SDN61811.2024.10807493(1-7)Online publication date: 5-Nov-2024
https://doi.org/10.1109/NFV-SDN61811.2024.10807493
Schulz LWehner RHausheer D(2024)Scion Edge Router for Legacy IP Applications Based on Intel Tofino2024 IEEE 32nd International Conference on Network Protocols (ICNP)10.1109/ICNP61940.2024.10858525(1-6)Online publication date: 28-Oct-2024
https://doi.org/10.1109/ICNP61940.2024.10858525
Zavodovski AAghdam FCaló ADehkordi RStepanek PRasti MPongracz EAhokangas P(2024)How 6G and AI Can Reshape the Future of Electric Systems2024 IEEE International Conference on Environment and Electrical Engineering and 2024 IEEE Industrial and Commercial Power Systems Europe (EEEIC / I&CPS Europe)10.1109/EEEIC/ICPSEurope61470.2024.10751181(1-6)Online publication date: 17-Jun-2024
https://doi.org/10.1109/EEEIC/ICPSEurope61470.2024.10751181
Seo MKim JYou MShin SKim J(2024)gShock: A GNN-Based Fingerprinting System for Permissioned Blockchain Networks Over Encrypted ChannelsIEEE Access10.1109/ACCESS.2024.346958312(146328-146342)Online publication date: 2024
https://doi.org/10.1109/ACCESS.2024.3469583
Gartner MSmith JFrei MWirz FNeukom CHausheer DPerrig A(2023)Hercules: High-Speed Bulk-Transfer over SCION2023 IFIP Networking Conference (IFIP Networking)10.23919/IFIPNetworking57963.2023.10186366(1-9)Online publication date: 12-Jun-2023
https://doi.org/10.23919/IFIPNetworking57963.2023.10186366
Show More Cited By

View Options

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Digital Edition

View this article in digital edition.

Digital Edition

Magazine Site

View this article on the magazine site (external)

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Article

Figures

Tables

Media

View Issue’s Table of Contents