Internet Engineering Task Force Chen
Internet-Draft L. Su
Intended status: Informational B. Yang
Expires: 19 May 2024 China Mobile
16 November 2023
The Use Cases for Secure Routing Path
draft-chen-secure-routing-use-cases-03
Abstract
The current routing mechanism is based on the shortest path, which only
takes the link status and path reachability into consideration, not
the security and trustworthiness of the links and forwarding nodes.
As security has become an important factor for users, this draft
proposes adding a security factor to the routing process.
With the frequent occurrence of security incidents, service security
is an essential demand of users. As there are many security devices
in an ISP's network, this draft proposes a secure routing mechanism.
The purpose of secure routing is to converge security and routing so
as to ensure secure data transmission.
The scope is the security of the transmission process; end-to-end
security and application-layer security are out of scope.
Status of This Memo
This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
This Internet-Draft will expire on 19 May 2024.
Copyright Notice
Copyright (c) 2023 IETF Trust and the persons identified as the
document authors. All rights reserved.
Chen, et al. Expires 19 May 2024 [Page 1]
Internet-Draft Use Cases November 2023
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents (https://trustee.ietf.org/
license-info) in effect on the date of publication of this document.
Please review these documents carefully, as they describe your rights
and restrictions with respect to this document. Code Components
extracted from this document must include Revised BSD License text as
described in Section 4.e of the Trust Legal Provisions and are
provided without warranty as described in the Revised BSD License.
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2
2. Analysis of security requirements . . . . . . . . . . . . . . 3
3. Security and routing convergence . . . . . . . . . . . . . . 3
4. Secure Routing Use Cases . . . . . . . . . . . . . . . . . . 4
4.1. Basic path for secure routing . . . . . . . . . . . . . . 5
4.2. Differentiated service for secure routing path. . . . . . 6
4.3. hybrid basic trust and security service . . . . . . . . . 8
4.3.1. Use case for cloud users . . . . . . . . . . . . . . 9
4.3.2. Use case for 5G non-public network or 5G network
slicing . . . . . . . . . . . . . . . . . . . . . . . 9
5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 9
6. Security Considerations . . . . . . . . . . . . . . . . . . . 9
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 9
1. Introduction
With the frequent occurrence of network security incidents, users'
demand for network security has greatly increased; there is no doubt
that security of services is required. The current security risk
mainly comes from attacks, and users need security services to ensure
business continuity.
In addition, users have higher requirements for data privacy and
security, which include both policy and business requirements. For
example, customers in the financial industry need to perceive the
routing path and determine which link their data is running on,
whether it is forwarded by a trusted and secure router, and whether
secure services are provided on the link. Whether a routing node is
trustworthy can be determined by appraising the node; the security of
a routing node can be determined by the security capabilities it
possesses.
Some users build security centers by themselves, some buy third-party
cloud security services, and some hope that ISPs can provide security
services through secure routing. Secure routing provided by ISPs can
be implemented so as to forward traffic to security functions. With
the development of programmable networks (such as SDN) and SRv6
technology, the forwarding requirements of the application layer can
be met through routing programming; reachability and security in the
routing process can be handled together to provide users with secure
routing.
Network functions are also being updated to integrate security
functions to cope with complex security environments, such as routers
with anti-DDoS functions.
2. Analysis of security requirements
From the ISPs' perspective, the trustworthiness of nodes differs, so
it is necessary to provide a routing policy based on security
protection for important users.
For users, different users have different security requirements,
which depend on their services. For example, e-commerce and Internet
companies focus on phishing prevention, anti-DDoS and data security;
medical companies focus on data security and security isolation; and
financial companies pay special attention to their data security.
3. Security and routing convergence
If security functions and network functions are highly integrated,
security can be as available as network connectivity. By optimizing
existing routing protocols to obtain information about the security
functions in the network, secure routing can be implemented by
combining security policy and routing policy. Figure 1 describes the
relationship between the Network Programming Controller, network
functions and security functions.
In this draft, Nodes are used to represent network elements. What is
a Node with a security function? There are two deployment methods:
1. the security function and routing function are independent but
deployed at one site, as shown in Figure 1-1; 2. the security
functions and routing functions are integrated, as shown in
Figure 1-2.
+------------+
| Network |
| Programming|
| Controller |
+------+-----+
|
+---------------------+--------------------+
| |
| |
+-------+-------+ +----------------------------+--------+
| | | | | |
| +---+---+ | | +----------+ +---+---+ |
| | Router|-----------| Security |-----------| Router| |
| +---+---+ | | | Function | +-------+ |
| | | | +----------+ |
| +----+----+ | | |
| |Security | | +-------------------------------------+
| |Function | | Node
| +---------+ |
| |
+---------------+
Node
Figure 1-1: Functions independent mode of Node
+------------+
| Network |
| Programming|
| Controller |
+------+-----+
|
+---------------------+--------------------+
| |
+-------------------+ +---------+
| Network function | | Router |
| Security function | +---------+
+-------------------+ Node
Node
Figure 1-2: Functions integration mode of Node
4. Secure Routing Use Cases
Two use cases are described below.
1. Routing policy ensures transmission security based on network node
security appraisal;
2. Differentiated security paths to meet diverse service
requirements.
4.1. Basic path for secure routing
This scenario occurs in the network. High-security users require the
physical isolation of links and forwarding nodes, and transmission
over a specific link path. To satisfy this requirement, the network
programming controller needs to collect network node information.
The network programming controller obtains the information of the
nodes and appraises their trustworthiness, which improves node
security awareness. Figure 2 describes node security appraisement.
+-------------+
| Network |
| Programming |
| Controller |
+-------------+
| appraise
| trustworthiness
+--------------+---------------+
^ ^ ^
| | |
| | |
+---+----+ +---+---+ +----+---+
| Node1 | | Node2 | | Node3 |
+--------+ +-------+ +--------+
Figure 2: Node security appraisement
Also, the trustworthiness of nodes differs; for Node3, which has poor
trustworthiness, important users will avoid Node3 in the routing
policy. Figure 3 describes UserA's link forwarding process, which
avoids Node3 and selects path <1,2,3,4>.
Ingress
+--------+ 1 +------+ 5 +---------+ 6 +-------+
| UserA |------>| Node1|--------| Node3 |-----| Node5 |
+--------+ +------+ +---------+ +-------+
| | |
| | |
| 2 |7 |8
| | |
| | |
v | |
+-------+ 3 +-------+ 4 +-------+
| Node2 |------->| Node4 |------>| Node6 |---->
+-------+ +-------+ +-------+ Egress
Figure 3: Link forwarding protection
4.2. Differentiated service for secure routing path.
ISPs have built many security functions and security resource pools
in the network; once a network node is attacked, security functions
need to be scheduled quickly and efficiently to mitigate the attack.
Users have clear requirements for their own security services.
The types of users differ, and so do the corresponding security
requirements. The security requirement is no longer simply divided
into high, medium and low levels, but is more specific. For example,
in addition to considering low-latency connections, customers in the
game industry should first consider anti-DDoS services for their
security requirements; therefore, ISPs are required to provide
anti-DDoS security services. For financial customers, data security
is the most important requirement: the data must not be tampered
with, eavesdropped on, copied, and so on.
For customers with specific security requirements, ISPs need to
transmit data at the security level expected by the customers. For
example, if the user needs anti-DDoS and IPS services, the secure
routing must pass through Node4 and Node5.
When UserA needs anti-DDoS services, the secure routing must pass
through Node5. Figure 4-1 shows the path <1,5,6,10> selected for
UserA, which requires anti-DDoS service.
+----------+
+--------+ 1 +------+ 5 +---------+ 6 | Node5 |
| UserA |------>| Node1|------->| Node3 |---->| Anti-ddos|----+
+--------+ +---+--+ +----+----+ +----------+ |
ingress | | | |
| | | |
| 2 |7 |8 |10
| | | |
| | | |
| | | V
+------+ 3 +------+ 4 +-------+ 9 +------+
| Node2|---------| Node4|-------| Node6 |-----|Egress|--->
| WAF | | IPS | +-------+ +------+
+------+ +------+ |
| 11 |
+-------------------------------------------+
Figure 4-1: User requires anti-DDoS service
When UserA needs IPS services, the secure routing must pass through
Node4. Figure 4-2 shows the path <1,5,7,4,9> selected for UserA,
which requires IPS service.
+----------+
+--------+ 1 +------+ 5 +---------+ 6 | Node5 |
| UserA |------>| Node1|------->| Node3 |-----| Anti-ddos|----+
+--------+ +---+--+ +----+----+ +----------+ |
ingress | | | |
| | | |
| 2 |7 |8 |10
| | | |
| | | |
| | | |
+------+ 3 +---v--+ 4 +-------+ 9 +------+
| Node2|---------| Node4|------>| Node6 |---->|Egress|--->
| WAF | | IPS | +-------+ +------+
+------+ +------+ |
| 11 |
+-------------------------------------------+
Figure 4-2: User requires IPS service
When UserA needs WAF services, the secure routing must pass through
Node2. Figure 4-3 shows the path <1,2,11> selected for UserA, which
requires WAF service.
+----------+
+--------+ 1 +------+ 5 +---------+ 6 | Node5 |
| UserA |------>| Node1|--------| Node3 |-----| Anti-ddos|----+
+--------+ +---+--+ +----+----+ +----------+ |
ingress | | | |
| | | |
| 2 |7 |8 |10
| | | |
| | | |
V | | |
+------+ 3 +------+ 4 +-------+ 9 +------+
| Node2|---------| Node4|-------| Node6 |-----|Egress|--->
| WAF | | IPS | +-------+ +------+
+------+ +------+ ^
| 11 |
+-------------------------------------------+
Figure 4-3: User requires WAF service
When UserA needs IPS, WAF and anti-DDoS services, the secure routing
must pass through Node4, Node2 and Node5. Figure 4-4 shows the path
<1,2,3,7,6,10> selected for UserA, which requires IPS, WAF and
anti-DDoS services.
+----------+
+--------+ 1 +------+ 5 +---------+ 6 | Node5 |
| UserA |------>| Node1|--------| Node3 |---->| Anti-ddos|----+
+--------+ +---+--+ +----+----+ +----------+ |
ingress | ^ | |
| | | |
| 2 |7 |8 |10
| | | |
| | | |
V | | V
+------+ 3 +------+ 4 +-------+ 9 +------+
| Node2|-------->| Node4|-------| Node6 |-----|Egress|--->
| WAF | | IPS | +-------+ +------+
+------+ +------+ |
| 11 |
+-------------------------------------------+
Figure 4-4: User requires WAF, IPS and anti-DDoS services
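The path selection of Sections 4.1 and 4.2 can be expressed as a constrained shortest-path computation run by the Network Programming Controller: nodes whose appraised trustworthiness falls below a threshold are excluded (Figure 3), and the path must visit the nodes hosting every requested security function (Figures 4-1 to 4-4). The following Python program is an added example written for this page; it is not code from the draft or its authors. The topology, link numbers and function placement (Node2: WAF, Node4: IPS, Node5: anti-DDoS) are taken from Figures 3 and 4; the trust scores, the unit cost per link and the tie-breaking rule are constructed assumptions.

```python
"""Constrained path computation for the secure routing use cases.

Added example, not code from the draft. Topology, link ids and the
placement of security functions follow Figures 3 and 4; the trust
scores, the unit link cost and the tie-break rule are constructed.
"""
import heapq
from typing import Dict, FrozenSet, List, Optional, Tuple

# Link id -> (endpoint, endpoint). Links are bidirectional: Figure 4-4
# traverses link 7 from Node4 to Node3, Figure 4-2 in the other direction.
LINKS: Dict[int, Tuple[str, str]] = {
    1: ("UserA", "Node1"), 2: ("Node1", "Node2"), 3: ("Node2", "Node4"),
    4: ("Node4", "Node6"), 5: ("Node1", "Node3"), 6: ("Node3", "Node5"),
    7: ("Node3", "Node4"), 8: ("Node5", "Node6"), 9: ("Node6", "Egress"),
    10: ("Node5", "Egress"), 11: ("Node2", "Egress"),
}

# Security functions hosted by each node (Figure 4).
FUNCTIONS: Dict[str, FrozenSet[str]] = {
    "Node2": frozenset({"WAF"}),
    "Node4": frozenset({"IPS"}),
    "Node5": frozenset({"Anti-DDoS"}),
}

# Constructed trustworthiness appraisal (0..1) as the controller of
# Figure 2 would produce it; Node3 is the poorly trusted node of Figure 3.
TRUST: Dict[str, float] = {
    "UserA": 1.0, "Node1": 0.9, "Node2": 0.9, "Node3": 0.2,
    "Node4": 0.9, "Node5": 0.9, "Node6": 0.9, "Egress": 1.0,
}


def adjacency() -> Dict[str, List[Tuple[int, str]]]:
    """Node -> (link id, neighbour) pairs, sorted by link id."""
    adj: Dict[str, List[Tuple[int, str]]] = {}
    for lid, (a, b) in LINKS.items():
        adj.setdefault(a, []).append((lid, b))
        adj.setdefault(b, []).append((lid, a))
    return {n: sorted(v) for n, v in adj.items()}


def nodes_on(path: List[int], src: str) -> List[str]:
    """Expand a list of link ids into the node sequence it traverses."""
    seq = [src]
    for lid in path:
        a, b = LINKS[lid]
        if seq[-1] not in (a, b):
            raise ValueError(f"link {lid} does not connect to {seq[-1]}")
        seq.append(b if seq[-1] == a else a)
    return seq


def satisfies(path: List[int], src: str, dst: str,
              required: FrozenSet[str] = frozenset(),
              min_trust: float = 0.0) -> bool:
    """Validate a candidate path against the secure routing policy: it
    ends at dst, enters no node appraised below min_trust, and visits
    every required security function at least once."""
    seq = nodes_on(path, src)
    if seq[-1] != dst or any(TRUST.get(n, 0.0) < min_trust for n in seq):
        return False
    covered = frozenset().union(*(FUNCTIONS.get(n, frozenset()) for n in seq))
    return required <= covered


def secure_path(src: str, dst: str, required: FrozenSet[str] = frozenset(),
                min_trust: float = 0.0) -> Optional[List[int]]:
    """Fewest-links walk from src to dst that satisfies the policy above.

    Dijkstra over states (node, functions visited so far); heap keys are
    (cost, path), so equal-cost candidates are broken by lowest link ids.
    Returns the link ids of the path, or None if no feasible path exists.
    """
    adj = adjacency()
    got0 = FUNCTIONS.get(src, frozenset()) & required
    heap: List[Tuple[int, List[int], str, FrozenSet[str]]] = [(0, [], src, got0)]
    done = set()
    while heap:
        cost, path, node, got = heapq.heappop(heap)
        if (node, got) in done:
            continue
        done.add((node, got))
        if node == dst and got == required:
            return path
        for lid, nxt in adj.get(node, []):
            if TRUST.get(nxt, 0.0) < min_trust:
                continue  # the security factor: skip untrusted forwarding nodes
            got2 = got | (FUNCTIONS.get(nxt, frozenset()) & required)
            if (nxt, got2) not in done:
                heapq.heappush(heap, (cost + 1, path + [lid], nxt, got2))
    return None


if __name__ == "__main__":
    print("Figure 3 :", secure_path("UserA", "Node6", min_trust=0.5))
    for funcs in ({"Anti-DDoS"}, {"IPS"}, {"WAF"}, {"WAF", "IPS", "Anti-DDoS"}):
        p = secure_path("UserA", "Egress", frozenset(funcs))
        print(sorted(funcs), p, nodes_on(p, "UserA"))
```

With these assumptions the anti-DDoS and WAF cases yield exactly the paths of Figures 4-1 and 4-3, and the Figure 3 case yields <1,2,3,4>. Where several feasible paths have the same length (the IPS-only case has several five-link candidates, of which Figure 4-2 picks <1,5,7,4,9>; the combined case has two six-link candidates), the result depends on the tie-breaking rule. The draft does not specify one, so a deployment should make that rule explicit and deterministic, and should validate any path handed to the forwarding plane with a check like satisfies() before programming it, since a path that silently skips a required function or enters an excluded node defeats the purpose of secure routing.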
4.3. hybrid basic trust and security service
Usually, users' needs are mixed, requiring both trusted paths and
security services provided on the routing path.
4.3.1. Use case for cloud users
Most ISPs provide cloud services, and users host data in the cloud,
requiring frequent interaction and operation with the cloud. As
sensitive user data is stored in the cloud, users need high-level
security protection for the routing link used to access that
sensitive data.
4.3.2. Use case for 5G non-public network or 5G network slicing
NPN or 5G slicing vertical users such as banks, stock exchanges and
electric power companies have requirements on the trustworthiness and
anti-attack abilities of the link; they need the ISPs to construct a
trusted routing link which meets the customer's security requirements.
5. IANA Considerations
This memo includes no request to IANA.
6. Security Considerations
TBD
Authors' Addresses
Meiling Chen
China Mobile
BeiJing
China
Email: chenmeiling@chinamobile.com
Li Su
China Mobile
BeiJing
China
Email: suli@chinamobile.com
Bo Yang
China Mobile
BeiJing
China
Email: yangbo@chinamobile.com