Internet architecture. A new Internet architecture must offer availability,
security by design, and incentives for deployment, as well as address economic,
political, and legal issues at the design stage.
Such features require a completely new cohesive architecture that provides
one fundamental building block—highly available point-to-point
communication—on which other proposed Internet architectures that provide
content-centric,15,21 extensibility-centric,14 or mobility-centric23 properties
can build.
This article describes SCION, or Scalability, Control, and Isolation
On Next-generation networks, an inter-domain network architecture
designed to address these issues, covering SCION’s goals, design, and
functionality, as well as the results of six years of research we have
conducted since our initial publication.28
Objectives
We begin with the high-level goals an
inter-domain point-to-point communication architecture must be able to
accomplish.
Availability in the presence of adversaries. Our aim is to offer a
point-to-point communication infrastructure that remains highly available
even in the presence of distributed adversaries; as long as an attacker-free
path between endpoints exists, that path can be discovered and used with
guaranteed bandwidth between the endpoints. This is an exceedingly
challenging property to achieve.
An “on-path adversary” may drop,
delay, or alter packets instead of forwarding them or inject packets into the
network. The architecture must thus
provide mechanisms to counteract
malicious operations. An “off-path adversary” could launch a hijack attack to
attract traffic to flow through network
elements under its control. Such traffic
attraction can take several forms; for
instance, an adversary could announce
a desirable path to a destination by using forged paths or attractive network
metrics. Conversely, the adversary