首页|RPKI去中心化安全增强技术综述

RPKI去中心化安全增强技术综述

扫码查看
资源公钥基础设施(RPKI)搭建了中心层级化的IP地址资源认证基础设施.在增强互联网域际路由系统安全的同时,RPKI也将中心性引入路由系统.根据证书认证中心职能,提出RPKI体系中的认证中心、操作中心和发布中心,并从3个中心对RPKI去中心化安全增强技术综述.首先,从认证、操作和发布角度细化RPKI中心化风险.其次,从3个风险角度分类RPKI去中心化安全增强技术的技术思路和解决措施.再次,从安全性、可扩展性和增量部署分析比较相关技术.最后,总结存在的问题并展望未来的研究方向.
Survey on decentralized security-enhanced technologies for RPKI
The resource public key infrastructure(RPKI)deploys a centralized and hierarchical infrastructure for the au-thorization of IP addresses.It not only enhances the security of the Internet border gateway protocol system,but also in-troduces centralization into the routing system.According to the functions of the certificate authorities,the authorization center,operation center,and publication center in the RPKI were proposed,and a comprehensive survey on decentralized security-enhanced technologies for the RPKI were presented based on these three centers.Firstly,RPKI centralization risks were refined from the perspective of authorization,operation and publication.Secondly,the technical ideas and so-lutions of decentralized security-enhanced technologies were classified into these three perspectives.Thirdly,technolo-gies were compared in terms of security,scalability,and incremental deployment.Finally,the existing problems in cur-rent technologies were summarized and the future research directions were prospected.

border gateway protocolresource public key infrastructuresecure inter-domain routingblockchaindecen-tralization

秦超逸、张宇、方滨兴

展开 >

哈尔滨工业大学网络空间安全学院,黑龙江 哈尔滨 150001

鹏城实验室,广东 深圳 518055

广州大学网络空间先进技术研究院,广东 广州 510006

边界网关协议 资源公钥基础设施 域间路由安全 区块链 去中心化

国家重点研发计划基金资助项目鹏城实验室重大攻关基金资助项目

2022YFB3104800PCL2023A05

2024

通信学报
中国通信学会

通信学报

CSTPCD北大核心
影响因子:1.265
ISSN:1000-436X
年,卷(期):2024.45(7)
  • 5