Internet-Draft Use Cases September 2022
Chen & Su Expires 2 April 2023
Workgroup:
Internet Engineering Task Force
Internet-Draft:
draft-chen-secure-routing-requirements-00
Published:
Intended Status:
Informational
Expires:
Authors:
M. Chen, Ed.
China Mobile
L. Su
China Mobile

The Requirements for Secure Routing

Abstract

At present, routing consists of a router looking up its own routing table to decide whether a packet is forwarded or discarded. As networks develop, attention is paid not only to reachability but also to the security capability of the routing process. With security incidents occurring frequently, more and more network devices carry security functions, and many scenarios require secure routing and a secure path.

Status of This Memo

This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.

Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.

Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."

This Internet-Draft will expire on 2 April 2023.

Table of Contents

1.  Introduction
2.  Secure Routing Use Cases
  2.1.  Requirements of network operators
  2.2.  Requirements of users
3.  IANA Considerations
4.  Security Considerations
Authors' Addresses

1. Introduction

At present, routing consists of a router looking up its own routing table to decide whether a packet is forwarded or discarded. Routing methods may be programmable or non-programmable, and data is forwarded according to the principle of fast access. As networks develop, people pay attention not only to reachability in the routing process but increasingly to link security as well. Link security includes routing security and node security. In addition to the traditional terrestrial network, the future development of satellite networks will also involve link security: because a satellite network is more open, a security vulnerability in an inter-satellite node will affect the security of the whole network.

Security attacks happen almost every moment somewhere in the world, so network devices are continually updated and iterated to cope with complex security environments. In addition to dedicated security devices, many network devices have integrated security functions; for example, most current routers provide an anti-DDoS function in their advanced settings. This function is usually not turned on by default, because once anti-DDoS protection is enabled on a router the throughput of the whole network drops dramatically. Similarly, a switch may provide anti-DDoS, intrusion detection (IDS) and firewall functions, and a gateway may provide anti-virus, intrusion detection, firewall, VPN and other security functions.

Starting from the requirements of network operators and users, it is necessary to take the security attribute as a key factor in selecting the route and transmission path, and to measure the transmission security of a link. To achieve this goal, the following may need to be studied:

  1. A method or protocol for routing and data transmission according to security capabilities;
  2. An interactive protocol that allows the security of each link in a path to be perceived and measured;
  3. A security measurement and feedback model: an authorized third party performs the security measurement and provides the results to the user as reference suggestions, and the user then decides how far to depend on and trust the security of the link;
  4. An atomized description and definition of security functions: the security functions supported by existing network devices are reorganized, defined and encoded. In general, the security functions of a device can then be described as a set of such atomic functions.

2. Secure Routing Use Cases

2.1. Requirements of network operators

Transmission security generally relies on encryption, IPsec and similar measures to ensure end-to-end security. The operator's channel is responsible for carrying the data but lacks the ability to provide security consultation to users. Networks are becoming more complex and overlap more and more, so the traditional security domain is gradually breaking down, and the need for online, real-time security of streaming traffic is obvious. The operator therefore needs to obtain the security status of each device in the network.

For customers with high security requirements, the operator needs to transmit data at the security level the customer expects. For example, in addition to its IP address, each node also carries a description of its own security functions, that is, a security vector. When the user sends a request, the security requirement is converted into a security vector. When forwarding data, both the IP address and the security vector are used as the elements for selecting the path that best delivers the data.

      A(ip,sv)        B(ip,sv)        C(ip,sv)
     ┌────────┐      ┌────────┐      ┌────────┐
────►│ Router ├─────►│ Router ├─────►│ Router ├────────┐
     └───┬────┘      └───┬────┘      └───┬────┘        │
         │               │               │             │
         │               │               │             │
         │               │               │             │
         │           ┌───▼────┐      ┌───▼────┐   ┌────▼───┐
         └───────────► Router ├──────► Router ├───► Router ├──►
                     └────────┘      └────────┘   └────────┘
                      D(ip,sv)        E(ip,sv)     F(ip,sv)
Figure 1: Select a path according to IP address and security vector

2.2. Requirements of users

Users' security awareness is at the highest level in history. Application-layer security measures alone can no longer meet their needs: users need the pipe itself to present its security objectively. Security needs to be quantified, objective and authoritative.

Users need to convert their security requirements into security vectors, but general users may not have a security background. Therefore, in most cases a security vector translator is required to convert perceptual requirements into objective security vectors. The security vector can then be used for route selection and data forwarding; for example, a route can be chosen according to the best-effort delivery principle, among the routes that best satisfy the security vector.

              (ip,sv)        (ip,sv)
             ┌────────┐     ┌────────┐
   ──────────► Router ├─────► Router ├──────┐
(Src,Dst,sv) └───┬────┘     └────────┘      │
                 │                          │
                 │                          │
                 │      (ip,sv)             │
                 │     ┌────────┐       ┌───▼────┐
                 └────►│ Router ├──────►│ Router ├───►DST
                       └────────┘       └────────┘
                                         (ip,sv)
Figure 2: Select the path according to the user's security vector requirements

3. IANA Considerations

This memo includes no request to IANA.

4. Security Considerations

TBD

Authors' Addresses

Meiling Chen (editor)
China Mobile
Beijing
China
Li Su
China Mobile
Beijing
China