RPsec: Managing routing protocol security

2016 
The Internet routing infrastructure is an obvious target of attack, as compromised routers can be used to stage large-scale attacks. While considerable progress has been made on validating the content of routing protocol messages, little use is made of procedures for protecting the path followed by the information exchanged between adjacent routers. When these procedures are used to protect the packets “on the wire”, the necessary parameters are installed manually, and then often left unchanged for five years or more, due to the high cost of making the changes, relative to the cost of the perceived threat. We propose a method for integrating the management of routing protocol security into existing configuration management systems. We outline the design of the data structures that will support automated management of the security relationships among routers, and have constructed YANG models for these data structures. We demonstrate how to manage the distribution of configuration data, using NETCONF and the YANG models. This will facilitate the development of automated key management protocols, which is a necessary first step to achieving higher routing protocol security at a reasonable cost.