Autonomous System Provider Authorization BGP Security

Autonomous System Provider Authorization – ASPA is a new approach for the Path Validation in BGP Information Security.


Only Path Validation Standard in IETF is BGP SEC which is specified in RFC 8205.


In this post, I won’t explain BGPSEC, but basically it works based on encrypting the entire path and useful only if there is full adoption among the Autonomous Systems in Global Internet (Default Free Zone). Main problem though, since entire path is encrypted, resource requirements on the Routers quite significant with BGPSEC. There are two new approaches for Path Validation and both are in Draft state in IETF at the moment.


These are AS-Cones and ASPA which is the purpose of this post.


I discussed ASPA (Autonomous System Provider Authorization)  with the Author of the Draft, Alexander Azimov on how Internet can be made more secure with ASPA which is a new proposal.


Securing Internet is Hard Challenge,Preventing Route Leaks, Hijacks, Malicious Activities are not trivial.Current approaches such as BGPSEC or SoBGP doesn’t work. In this video, also, Origin Validation, Path Validation, SoBGP, BGPSEC, RPKI, ROA, RIR, LIR, Hijacks, Exact Prefix Hijacks, Sub Prefix Hijacks,Route Leaks and many other BGP Security features, techniques and protocols have been discussed.


It is over 2 hours but I think you will learn a lot about Inter-domain routing security. Sharing the video below!






Leave a Comment

Your email address will not be published. Required fields are marked *