Security issues on inter-domain routing with QoS-CMS mechanism

Abstract

Ensuring end-to-end Quality of Service for traffic that traverse multiple Autonomous Systems (AS) is today a major challenge for ISPs. The QoS requirement became inevitable with the evolution of the amount of traffic flowing over the Internet, and also of the important diversity of these traffic types. Each type of traffic requires a specific QoS parameters. To respond to this need, we proposed in a previous work a new mechanism which is mainly based on Class Manager server set in each AS and can provide the same traffic QoS guarantees even during the passage through several ASs. These Class Manager Servers collect information concerning quality of service set up within the AS, and then they exchange them. This exchange may present a serious security weakness of all the architecture, and it can be an important vulnerability of the whole network. In this paper, we discuss the main security issues of the proposed mechanism, concerning the communication between the CM server and the internal routers and also the exchange between the CM Servers. We give an architecture to avoid vulnerablity during the exchange of information.