基于事实所有权的RPKI缓存更新冲突检测机制

随着RPKI覆盖的域间网络的范围不断扩大,RPKI在实际部署中的数据同步一致性的问题,运维失误和权威机构权力滥用的风险已成为影响RPKI全面部署的主要障碍.本文提出了一种基于事实所有权的RPKI缓存更新冲突检测机制.该机制利用反向RTR协议与RPKI数据层级分发架构进行事实路由起源信息的采集与同步,并通过比较事实路由起...

Fact Ownership-based Conflict Detection Scheme for RPKI Cache Update

As the resource public key infrastructure (RPKI) coverage of the inter-domain network expands, the consistency of RPKI data synchronization in the actual deployment, the risk of operational errors and abuse of authority power have become major obstacles to the full deployment of RPKI. This study presents a scheme for detecting conflicts of updating RPKI cache based on fact ownership of route origin. This scheme uses reverse RTR protocol and multi-layer transmission architecture of RPKI data to collect and synchronize fact route origin information. Then, it compares fact route origin information and RPKI cache update data to detect conflicting data of RPKI cache update, which ensures authenticity and effectiveness of RPKI cache. Finally, the data synchronization efficiency and detection performance of this scheme are compared with those of other schemes. The experimental results show that this scheme has some detection advantages.