Add to collection(s) Add to saved
  1. Engineering & Technology
  2. Computer Science
  3. Networking

Client Presentations

COMP 523 PROJECTS
26 August 2013
RYAN THORNBURG
OPEN DATA NC
TESSA NICHOLAS
IVI
IVI: Inquire, Visualize, Innovate
• Queries and visualizations from a corpus of syllabi
Our needs:
• The front-end interface itself
• Text mining algorithms to extract metadata from the corpus
• Visualization algorithms to display results
IVI mockup
For more information
• http://seeingsyllabi.web.unc.edu – my project blog, for more
detail
• http://opensyllabus.org – the Open Syllabus Project, the
branch that is focusing on building the corpus
• http://digitalinnovation.unc.edu/ — the Digital Innovation Lab
• Tessa Joseph-Nicholas, Fellow, Digital Innovation Lab,
tnicholas@cs.unc.edu
ANDREW CHI
RPSTIR
RPSTIR – COMP 523 Option
Relying Party Security Technology for Internet
Routing
Andrew Chi
achi@cs.unc.edu
August 26, 2012
Agenda
•
•
•
•
•
Routing Attacks in the News
BGP in 1 minute
Solution: RPKI
RPSTIR (RPKI validator)
Your mission…
In the News
• 1997: AS 7007 Internet
routing black hole by MAI
(US ISP)
• 2004 TTNet (Turkish ISP)
routes most Internet traffic
through Turkey
• 2008 Pakistan Telecom
YouTube incident
• 2010 China Telecom
incident
Border Gateway Protocol (BGP)
1
367X
67X
3
2367X
7X
6
2
67X
4567X
4
5
567X
NOTE: BGP is complicated. This simplified view highlights the
“path vector” aspect, which is relevant to RPKI/BGPSEC.
7
X = 1.2.3/24
Border Gateway Protocol (BGP)
1
367X
67X
3
1X
7X
6
2
67X
4567X
4
5
567X
“Address space hijacking”: Autonomous System 1 announces a
false advertisement for IP prefix X.
7
X = 1.2.3/24
IETF Solution: RPKI + BGPSEC
1
367X
67X
3
RPKI
2367X
7X
6
2
7
BGPSEC
67X
4567X
4
567X
X = 1.2.3/24
5
The IETF approach splits the problem into two domains: origin
validation (address space ownership) and path validation (multi-hop
routing updates).
• Resource PKI: sign the route originations
• BGPSEC: sign each hop on the AS-path
Resource Public Key Infrastructure
• How do we
determine ownership
of IP address and
Autonomous System
(AS) numbers?
• Resource Public Key
Infrastructure (RPKI)
http://xkcd.com/195/
Resource Public Key Infrastructure
• Internet Assigned Numbers
Authority (IANA) coordinates
hierarchical IPv4/IPv6
assignment, through the 5
Regional Internet Registries
(RIRs), who then suballocate
to ISPs.
Resource Public Key Infrastructure
Credit: Geoff Huston, APNIC
http://www.cisco.com/web/about/ac123/ac147/archived_issues/ipj_121/121_resource.html
RPSTIR (BBN RPKI Validator)
This effort by Raytheon BBN Technologies was supported by the U.S. Department of
Homeland Security's (DHS) Directorate for Science and Technology.
COMP 523 Task
• IPv4 is running out; transfers will increase. But
transfers must be cryptographically validated.
• You will work with me and the BBN team to implement
support for a new Transfer Authorization Object (TAO).
• BBN Team: Steve Kent (Chief Scientist), Karen Seo
(PM), Dave Mandelberg (Software Lead)
• Skills required:
– Strong C, MySQL
• You will learn and use:
–
–
–
–
X.509 public key infrastructure
OpenSSL, Cryptlib
BBN ASN.1 Library
git (distributed version control)
• Contact: achi@cs.unc.edu
References
• IETF Secure Inter-Domain Routing WG docs
– http://datatracker.ietf.org/wg/sidr/
• Routing attacks and RPKI in the news
– http://www.networkworld.com/news/2010/120710-chinese-internet-trafficfix.html
– http://certification-stats.ripe.net/
– https://labs.ripe.net/Members/fhibler/rpki-capable-routers
• BBN RPSTIR software
– http://sourceforge.net/projects/rpstir/
DIANE BRAUNER
BEGINNING BRAILLE APP
GARY BISHOP
TARHEEL READER
TESTING
VISUAL SCHEDULE FOR
AUTISTIC ADULTS
MARIA FERRIS
STAR TAKER
http://game.mpittman.com/
PERCIVAL GUEVERRA
WRITING GROUPS
TUTOR SCHEDULING
LIZ CHEN
MYHEALTHED
Even though the Healthy Youth Act of 2009
mandates comprehensive sex ed for all NC
middle and high school students, thousands
of students in low-resourced schools lack
access to it. MyHealthEd will be an
individualized online sexual health
curriculum that will give students access to
high quality sex ed in school.
We plan to pilot MyHealthEd in NC public
schools in spring 2014. Join our research
team to transform the sexual health
outcomes of teens across the state!
SARAH GUIDI
GAVIN COOMBS
HEALTHY PLACES
PRANAV HARAVU
UNIFIED CAMPUS Y APP
RON CARSON
COMPETITIVE
INTELLIGENCE TOOL
JONATHAN YOUNG
ONLINE ACCOUNT ACCESS
FOR SAVERS
JOHN LITHGOW
JONESBOARD
The Smart Way to Keep Up With The Joneses
Organizing the demand pool for services:
Travel between work sites imposes huge transaction costs on service
providers. Even with 4 jobs within 15 minutes of their shop ( ) vendors can
spend more than an hour on the road.
4 hrs work billed @ $75/hr.
1:20 travel.
36 miles @ $.50/mile = $18.00
$282/5.33 hrs. = $53/hr. effective
pay rate.
4 hrs billed @ $60/hr.
0:27 travel.
10.5 miles @ $.50/mile = $5.25.
234.75/4.45 hrs. = $53/hr. effective pay
rate.
ROCKY GOLDSMITH
X-SNAP
KEVIN LANNING
SYSTEMS ADMINISTRATIVE
INITIATIVE
CRISTOBAL PALMER
GNU MAILMAN TOOLS
MATT LEMING
CAROLINA MOBILE APP
PAVEL KRAJCEVSKI
COMPRESSION
COMPARISONS
JACK SNOEYINK
Q/A SITE
DAVID STOTTS
WEB-BASED TUPLE SPACE
NICK JYOTHINAGARAM
INDIAN NGOS
Related documents
RPKI and Routing Security
RPKI and Routing Security
Networks and Distributed Systems: Project Ideas
Networks and Distributed Systems: Project Ideas
Chapter 10
Chapter 10
Slides
Slides
NetworkDesign...cont
NetworkDesign...cont
The Profile for Algorithms and Key Sizes for Use in the Resource
The Profile for Algorithms and Key Sizes for Use in the Resource
WELCOME TO PHYSICS 116!
WELCOME TO PHYSICS 116!
Introduction to Networking (ITN)
Introduction to Networking (ITN)
National Trends in State Funding
National Trends in State Funding
Example 1 - Institute for Healthcare Improvement
Example 1 - Institute for Healthcare Improvement
presentationThis link will open in a new window
presentationThis link will open in a new window
Essay Writing - University Career Services
Essay Writing - University Career Services
BGP—Origin AS Validation
BGP—Origin AS Validation
Measuring and Verifying Your College`s Energy Savings
Measuring and Verifying Your College`s Energy Savings
IETF Needs you
IETF Needs you
Network protocol - Winona State University
Network protocol - Winona State University
CCNP Network Route -BGP Part
CCNP Network Route -BGP Part
From the Consent of the Routed:
From the Consent of the Routed:
Firewall on Demand multidomain A top-down approach
Firewall on Demand multidomain A top-down approach
Published RFC
Published RFC
Download