New standards to make web traffic more secure


NIST and the Department of Homeland Security (DHS) Science and Technology Directorate have recently worked with the internet industry to increase the cybersecurity of electronic messages and data flowing through the internet.

A new set of standards called Secure Inter-Domain Routing (SIDR) has been published by the Internet Engineering Task Force (IETF). This represents the first standardized approach for global defense against sophisticated attacks on the internet’s routing system.

The new standards will help overcome the vulnerabilities within the Border Gateway Protocol (BGP), a system that the internet's core routers use to direct traffic. BGP forms the technical glue holding the internet together, but historically its lack of security mechanisms has made it an easy target for hacking.

The overall defensive effort will use cryptographic methods to ensure routing data travels along an authorized path between networks. There are three essential components of the IETF SIDR effort:

  1. Resource Public Key Infrastructure (RPKI) provides a way for a holder of a block of internet addresses—typically a company or cloud service provider—to stipulate which networks can announce a direct connection to their address block.
  2. BGP Origin Validation allows routers to use RPKI information to filter out unauthorized BGP route announcements, eliminating the ability of malicious parties to easily hijack routes to specific destinations.
  3. BGP Path Validation (also known as “BGPsec”) is described in the suite of draft standards (RFCs 8205 through 8210) that the IETF has just published. Its innovation is to use digital signatures by each router to ensure that the entire path across the internet crosses only authorized networks. Employing this idea of “path validation” together with origin validation could deter stealthy attacks intended to reroute data without the recipient realizing it.
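
To make the second component concrete, the following added example (not part of the original article or of any router implementation) sketches the origin-validation decision a router makes against RPKI data, following the valid / invalid / not-found procedure of RFC 6811. The `ROA` type, the `validate_origin` function and the sample records are assumptions constructed for illustration, using documentation prefixes and AS numbers.

```python
import ipaddress
from typing import NamedTuple, Union

Network = Union[ipaddress.IPv4Network, ipaddress.IPv6Network]


class ROA(NamedTuple):
    """One validated RPKI authorization: prefix, longest allowed length, origin AS."""
    prefix: Network
    max_length: int
    asn: int


def roa(prefix: str, max_length: int, asn: int) -> ROA:
    return ROA(ipaddress.ip_network(prefix), max_length, asn)


# Constructed sample data: documentation prefixes and documentation
# AS numbers (64496-64511), not real-world authorizations.
ROAS = [
    roa("192.0.2.0/24", 24, 64496),
    roa("198.51.100.0/24", 25, 64497),
]


def validate_origin(announced_prefix: str, origin_asn: int, roas=ROAS) -> str:
    """Classify a BGP announcement as 'valid', 'invalid' or 'not-found'."""
    route = ipaddress.ip_network(announced_prefix)
    covered = False
    for r in roas:
        # A ROA covers the route when both are in the same address family
        # and the route is equal to or more specific than the ROA prefix.
        if r.prefix.version != route.version or not route.subnet_of(r.prefix):
            continue
        covered = True
        # A match also needs the authorized origin AS and a prefix length
        # no longer than the ROA's maximum length.
        if r.asn == origin_asn and route.prefixlen <= r.max_length:
            return "valid"
    # Covered but never matched: wrong origin or too-specific prefix.
    return "invalid" if covered else "not-found"


if __name__ == "__main__":
    for pfx, asn in [("192.0.2.0/24", 64496), ("192.0.2.0/24", 64511),
                     ("192.0.2.128/25", 64496), ("203.0.113.0/24", 64496)]:
        print(pfx, asn, validate_origin(pfx, asn))
```

A router applying a drop policy would discard the "invalid" announcements; "not-found" routes are address space with no RPKI data at all, which is why operators usually still accept them.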


