Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

New Standards Will Shore up Internet Router Security

Industry efforts to strengthen the critical Border Gateway Protocol (BGP) system that the Internet's core routers use to direct traffic received a boost this week with the release of new draft standards by the Internet Engineering Task Force (IETF).

The standards center around a security feature called BGP Path Validation and are designed to ensure that Internet traffic is not accidentally or maliciously intercepted and rerouted as it travels from one point to another. Such interception has resulted in network disruption, eavesdropping, and financial theft in recent years and has heightened concerns about the vulnerability of the BGP system to targeted attacks.

The new BGPsec standard describes the use of digital signatures on BGP routers so traffic from one point to another on the Internet only flows along an authorized, digitally signed path, the National Institute of Standards and Technology (NIST) announced Tuesday. "Employing this idea of “path validation” together with origin validation could deter stealthy attacks intended to reroute data without the recipient realizing it," NIST said.

BGP routers direct traffic on the Internet. Each autonomous system (AS) - or network on the Internet - has a BGP router containing routing information for thousands of Internet destinations. The BGP routers exchange the information with each other to ensure that traffic is routed safely from source to destination.

Read the rest of this article on Dark Reading.