Introducing the new Internet Society white paper, “Routing Security for Policymakers”
The global routing system is a lot like a water system in a city. It’s vitally important to the Internet and we tend to overlook it until something goes wrong.
Routing determines how packets (data sent over a network or networks) containing information, like email messages, website data, and voice-over-IP (VoIP) calls, move from one place to another on the Internet. However, despite its importance, many people think about Internet routing only when they hear about a major routing incident in the news or can’t reach their favorite websites.
Both the water system and the routing system are, at their core, built on trust.
A water system relies on hundreds of workers, its water suppliers, local farmers and companies, and countless others to deliver its service. The system is based on chains of trust, with each person or entity relying on the other to act appropriately.
Similarly, the global routing system is a complex, decentralized system made up of tens of thousands of individual networks. Independent business decisions and trusted relationships between individual network operators that are implementing the Border Gateway Protocol (BGP) determine how the network operates. (A routing protocol is the way in which a network determines the path a data packet is going to take. To route traffic between networks, most networks use BGP.) The routing system’s decentralized structure provides flexibility, scalability, and overall durability.
Yet, despite its strengths, thousands of routing incidents occur every year. Just as water main breaks, broken pipes, and sewage backups can disrupt life in a city, routing incidents like route leaks, route hijacks, and IP-address spoofing each have the potential to slow down Internet speeds or even to make parts of the Internet unreachable, thus disrupting the ability of companies or users to access critical services or information. Packets could also get diverted through malicious networks, providing an opportunity for surveillance.
The solutions to address many routing incidents are known, but we lack the incentives to implement them.
Unfortunately, routing security is not a market differentiator, meaning that it is difficult for network operators to demonstrate their contribution to routing security in ways that customers will appreciate and value. Routing incidents are easiest for network operators to address at their source, but their negative effects are most likely to be felt on another network. Since the perceived benefits will mostly go to other networks and not their own, network operators are less likely to invest in better routing security. To address the broader ecosystem challenges facing routing security, all stakeholders, including governments, need to play their role in strengthening the security and reliability of the global routing system.
To help policymakers understand these issues, the Internet Society has released a white paper, “Routing Security for Policymakers,” that provides policymakers with an introduction to routing security. In the paper, we highlight key issues and challenges of routing security, together with guiding principles and recommendations for policymakers.
Only through global, collective action can we improve the security of the global routing system, thus making the Internet more secure for everyone. Through procurement policies, large companies and governments can demand better routing security from their Internet service providers – much as a water department would place water purity requirements on its own water suppliers. These procurement policies could have a trickle-down impact on the wider industry.
Let’s take the water analogy one step further: if we don’t want our sewers to clog up or even flood, we know that we shouldn’t pour grease down the drain. Similarly, all networks providing Internet connectivity, including enterprise or government networks, should do their part to implement better routing security on their own networks. By using stronger filtering policies to determine when bad announcements are made by neighboring networks, networks can limit the number of route leaks and route hijacks they contribute to, thus making the Internet more secure for all of us. (Networks make announcements to one another which detail the addresses reachable through or on their network or a customer’s networks. Announcements help determine how routers decide to route traffic to a destination. Each network determines what it will accept as an announcement from other networks.) By using IP source validation to find spoofed traffic, networks can help prevent devices on their network from participating in distributed denial of service (DDoS) attacks. (IP source validation refers to techniques used to ensure that the IP address given by a packet is a valid source address.)
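The two checks described above, announcement filtering and IP source validation, sketched as an added example that is not part of the original article or the white paper. The neighbor names, prefixes and maximum prefix lengths are constructed from documentation address ranges; a real network expresses the same logic in its router policy.

```python
import ipaddress

# Constructed sample policy: what each neighbor may announce, and the longest
# (most specific) prefix length accepted inside each authorized block.
AUTHORIZED = {
    "customer-a": [("192.0.2.0/24", 24), ("2001:db8::/32", 48)],
    "customer-b": [("198.51.100.0/24", 24)],
}

def _nets(neighbor):
    """Parsed (network, max_length) pairs for a neighbor; empty if unknown."""
    return [(ipaddress.ip_network(p), m) for p, m in AUTHORIZED.get(neighbor, [])]

def check_announcement(neighbor, prefix):
    """Filtering policy: return (accepted, reason) for an announced prefix."""
    try:
        net = ipaddress.ip_network(prefix, strict=True)
    except ValueError:
        return False, "malformed prefix"
    for allowed, max_len in _nets(neighbor):
        if net.version != allowed.version:
            continue  # never compare IPv4 against IPv6
        if net.subnet_of(allowed):
            if net.prefixlen > max_len:
                return False, "more specific than allowed"
            return True, "authorized"
    # Covers both unknown neighbors and prefixes that belong to someone else,
    # which is how a leak or hijack would look from this network's edge.
    return False, "not authorized for this neighbor"

def check_source(neighbor, src_ip):
    """Source validation: is the packet's source address one the neighbor owns?"""
    try:
        addr = ipaddress.ip_address(src_ip)
    except ValueError:
        return False
    return any(addr.version == n.version and addr in n for n, _ in _nets(neighbor))

if __name__ == "__main__":
    # Constructed announcements and packets, labelled by the sending neighbor.
    for nbr, pfx in [("customer-a", "192.0.2.0/24"),
                     ("customer-a", "198.51.100.0/24"),
                     ("customer-a", "2001:db8:a:1::/64")]:
        print(nbr, pfx, check_announcement(nbr, pfx))
    for nbr, src in [("customer-b", "198.51.100.7"), ("customer-b", "192.0.2.7")]:
        print(nbr, src, "valid source" if check_source(nbr, src) else "spoofed")
```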
Whether it’s a water system or the Internet, life gets harder when we can’t trust that each participant is doing their part to make things more secure. Please read and share “Routing Security for Policymakers” to learn more about the challenges we face and what you can do to strengthen routing security.