Valancius, V., Feamster, N., Madhyastha, H., Anderson,
T., and Krishnamurthy, A. LIFEGUARD: Practical repair
of persistent route failures. In Proceedings of ACM
SIGCOMM (Helsinki, Finland, Aug. 13–17). ACM Press,
New York, 2012.
17. Kim, T. H., Basescu, C., Jia, L., Lee, S. B., Hu, Y., and
Perrig, A. Lightweight source authentication and
path validation. In Proceedings of ACM SIGCOMM
(Chicago, IL, Aug. 17–22). ACM Press, New York, 2014.
18. Kushman, N., Kandula, S., and Katabi, D. Can you hear
me now? It must be BGP. ACM SIGCOMM Computer
Communication Review 37, 2 (Apr. 2007), 75–84.
19. Lepinski, M. and Turner, S. An Overview of BGPsec.
IETF draft, May 8, 2012; http://tools.ietf.org/html/
draft-ietf-sidr-bgpsec-overview-02
20. Matsumoto, S., Reischuk, R.M., Szalachowski, P., Kim,
T.H.-J., and Perrig, A. Authentication challenges in a
global environment. ACM Transactions on Privacy and
Security 20, 1 (Feb. 2017), 1–34.
21. Palo Alto Research Center. The CCNx Project
(Content-Centric Networking); http://blogs.parc.com/ccnx/
22. Perrig, A., Szalachowski, P., Reischuk, R.M., and Chuat,
L. SCION: A Secure Internet Architecture. Springer,
Berlin, Germany, 2017.
23. Raychaudhuri, D., Nagaraja, K., and Venkataramani, A.
MobilityFirst: A robust and trustworthy mobility-centric architecture for the future Internet. ACM
SIGMOBILE Mobile Computing and Communications
Review 16, 3 (July 2012), 2–13.
24. Sahoo, A., Kant, K., and Mohapatra, P. BGP
convergence delay under large-scale failures:
Characterization and solutions. Computer
Communications 32, 7 (May 2009), 1207–1218.
25. Saltzer, J. H., Reed, D.P., and Clark, D. D. End-to-end
arguments in system design. ACM Transactions on
Computer Systems 2, 4 (Nov. 1984), 277–288.
26. Schuchard, M., Vasserman, E. Y., Mohaisen, A., Kune,
D. F., Hopper, N., and Kim, Y. Losing control of the
Internet: Using the data plane to attack the control
plane. In Proceedings of the Network and Distributed
System Security Symposium (San Diego, CA, Feb.
6–9). Internet Society, Reston, VA, 2011.
27. Toonk, A. Massive route leak causes Internet
slowdown. BGPmon, June 12, 2015;
http://www.bgpmon.net/massive-route-leak-cause-internet-
28. Zhang, X., Hsiao, H.-C., Hasker, G., Chan, H., Perrig, A.,
and Andersen, D.G. SCION: Scalability, control, and
isolation on next-generation networks. In Proceedings
of IEEE Symposium on Security and Privacy (Oakland,
CA, May 22–25). IEEE Press, 2011.
David Barrera (david.barrera@inf.ethz.ch) is a postdoc in
the Network Security Group at ETH Zürich in Switzerland.
Laurent Chuat (laurent.chuat@inf.ethz.ch) is a Ph.D.
student in the Network Security Group at ETH Zürich in
Switzerland.
Adrian Perrig (aperrig@inf.ethz.ch) is a professor in the
Department of Computer Science and leads the Network
Security Group at ETH Zürich in Switzerland and an ACM
Fellow.
Raphael M. Reischuk (reischuk@inf.ethz.ch) is a senior
IT-security researcher at ETH Zürich in Switzerland
focusing on network and Web security.
Pawel Szalachowski (psz@inf.ethz.ch) is a senior
researcher in the Network Security Group at ETH Zürich
in Switzerland.
Copyright held by the authors.
Publication rights licensed to ACM. $15.00
sible, remote ASes can be connected via
IP tunnels, but their communication
depends on the BGP routing protocol.
As the testbed expands, we expect more
participants will connect directly to
benefit from SCION’s full feature set.
To use SCION, ISPs at a minimum
must deploy a border router capable
of “encapsulating” and “decapsulating”
SCION traffic as it leaves or enters
their networks. SCION ASes must also
deploy certificate, beacon, name, and
path servers that can run on commodity
hardware. Deploying SCION in homes or
businesses is designed to require little effort, initially with no changes to existing
software or networking stacks or replacement of end-user network devices. This
ready connection is achieved through a
gateway device that transparently switches communication over to SCION if the
remote endpoint is also SCION-enabled.
Several companies are currently exploring commercialization of these technologies, notably the startup Anapaya Systems, which offers SCION routers.
Conclusion
SCION is an Internet architecture that
provides security, availability, transparency, control, scalability, and more
(see the sidebar “The Future Looks
Bright with SCION”). SCION offers
numerous advantages over the current Internet and supports other future Internet proposals as an underlying building block for highly reliable
point-to-point communication.
Despite its research maturity following six years of effort, SCION is still
in its infancy in terms of deployment.
Although SCION requires only relatively small changes by ISPs and domains, broadening
adoption is its foremost goal. We
expect the benefits for various stakeholders will provide strong incentives
for adoption, leading to islands of SCION
deployment. In the long term, connections and mergers among islands will
enable ever-increasing numbers of native SCION end-to-end connections.
Working on SCION has let us consider
Internet architectures from a clean-slate perspective.
The absence of limiting constraints (imposed by the current
Internet environment) has been particularly rewarding,
as the deep exploration of this problem space enables
us to ask not how a future Internet can
achieve what the current Internet has
already achieved, but rather what additional
features a future Internet can and should offer.
We anticipate the insight into the possible applications of
a secure, dynamic, highly available network
will help engage the network community
to leverage SCION for its applications
and contribute to the project.
Our 2017 book SCION: A Secure
Internet Architecture describes the
architecture in more detail, including authentication, name resolution,
deployment, operation, extensions,
and specifications.
References
1. Abadi, M., Birrell, A., Mironov, I., Wobber, T., and Xie,
Y. Global authentication in an untrustworthy world.
In Proceedings of the 14th Workshop on Hot Topics
in Operating Systems (Santa Ana Pueblo, NM, May
13–15). Usenix Association, Berkeley, CA, 2013.
2. American Registry for Internet Numbers. Resource
Public Key Infrastructure (RPKI); https://www.arin.
net/resources/rpki/
3. Andersen, D.G., Balakrishnan, H., Feamster, N.,
Koponen, T., Moon, D., and Shenker, S. Accountable
Internet Protocol (AIP). In Proceedings of ACM
SIGCOMM (Seattle, WA, Aug. 17–22). ACM Press, New
York, 2008.
4. Andersen, D.G., Balakrishnan, H., Kaashoek, M.F., and
Morris, R. Resilient overlay networks. In Proceedings
of the ACM Symposium on Operating Systems
Principles (Chateau Lake Louise, Banff, Canada, Oct.
21–24). ACM Press, New York, 2001.
5. Arends, R., Austein, R., Larson, M., Massey, D., and
Rose, S. DNS Security Introduction and Requirements.
RFC 4033 (Proposed Standard), 2005; https://www.
ietf.org/rfc/rfc4033.txt
6. Basescu, C., Reischuk, R.M., Szalachowski, P., Perrig,
A., Zhang, Y., Hsiao, H.-C., Kubota, A., and Urakawa,
J. SIBRA: Scalable Internet Bandwidth Reservation
Architecture. In Proceedings of Network and
Distributed System Security Symposium (San Diego,
CA, Feb. 21–24). Internet Society, Reston, VA, 2016.
7. Basin, D., Cremers, C., Kim, T. H.-J., Perrig, A., Sasse,
R., and Szalachowski, P. ARPKI: Attack Resilient
Public-Key Infrastructure. In Proceedings of the ACM
Conference on Computer and Communications Security
(Scottsdale, AZ, Nov. 3–7). ACM Press, New York, 2014.
8. BBC News. Asia communications hit by quake. Dec. 27,
2006; http://news.bbc.co.uk/2/hi/asia-pacific/6211451.stm
9. Brown, M. Pakistan Hijacks YouTube; http://research.
dyn.com/2008/02/pakistan-hijacks-youtube-1/
10. Chen, C., Asoni, D., Barrera, D., Danezis, G., and Perrig,
A. HORNET: High-speed onion routing at the network
layer. In Proceedings of the ACM Conference on
Computer and Communications Security (Denver, CO,
Oct. 12–16). ACM Press, New York, 2015.
11. Dübendorfer, T., Wagner, A., and Plattner, B. An
economic damage model for large-scale Internet
attacks. In Proceedings of the 13th IEEE International
Workshops on Enabling Technologies: Infrastructure
for Collaborative Enterprises (University of Modena and
Reggio Emilia, Italy, June 14–16). IEEE Press, 2004.
12. Electronic Frontier Foundation. SSL Observatory,
2010; https://www.eff.org/observatory
13. Farinacci, D., Fuller, V., Meyer, D., and Lewis, D. The
Locator/ID Separation Protocol (LISP). RFC 6830,
2013; https://tools.ietf.org/html/rfc6830
14. Han, D., Anand, A., Dogar, F., Li, B., Lim, H., Machado,
M., Mukundan, A., Wu, W., Akella, A., Andersen, D.G.,
Byers, J. W., Seshan, S., and Steenkiste, P. XIA: Efficient
support for evolvable internetworking. In Proceedings
of the Ninth USENIX Symposium on Networked
Systems Design and Implementation (San Jose, CA,
Apr. 25–27). USENIX Association, Berkeley, CA, 2012.
15. Jacobson, V., Smetters, D.K., Thornton, J.D., Plass,
M.F., Briggs, N.H., and Braynard, R.L. Networking
named content. In Proceedings of the Fifth
International Conference on Emerging Networking
Experiments and Technologies (Rome, Italy, Dec. 1–4).
ACM Press, New York, 2009.
16. Katz-Bassett, E., Scott, C., Chones, D., Cunha, I.,