In multi-domain backbone networks, the Path Computation Element (PCE) architecture provides effective traffic engineering while limiting the exposure of intra-domain information. However, returned path computations may still reveal confidential intra-domain information, if artfully correlated by a malicious PCE. In such cases, the cooperation among PCEs should consider not only the capability of providing feasible paths but also the likelihood of security breaches (e.g., confidentiality risk exposure). In fact, a PCE might have the interest to block a request if it is arriving from a malicious or a competitor provider. In this scenario, the PCEs cooperation could benefit from a trust management model that accounts for the quality of the past interactions in terms of security violations while avoiding abuse of path computation services. This work introduces the concepts of Trust Ranking and Quality of Interaction in PCE-based multi-domain backbone networks and elaborates a Bayes trust model to regulate the cooperation among PCEs. Specifically, the proposed trust management model aims at creating a common interest for the PCEs in contributing to effective traffic engineering while avoiding misuse of path computation services. Accordingly, we further propose a trust-aware PCE architecture and an incentive-compatible decision model that stimulate the behaviors of PCEs towards an effective cooperation. Simulation results show that the proposed trust model provides effective incentive-compatible service differentiation to collaborating domains and is effective in detecting malicious PCE behaviors thereby tuning the amount of information returned in the path computation replies.
An incentive-compatible and trust-aware multi-provider path computation element (PCE)
GHARBAOUI, Molka;MARTINI, BARBARA;PAOLUCCI, Francesco;GIORGETTI, Alessio;CASTOLDI, Piero
2016-01-01
Abstract
In multi-domain backbone networks, the Path Computation Element (PCE) architecture provides effective traffic engineering while limiting the exposure of intra-domain information. However, returned path computations may still reveal confidential intra-domain information, if artfully correlated by a malicious PCE. In such cases, the cooperation among PCEs should consider not only the capability of providing feasible paths but also the likelihood of security breaches (e.g., confidentiality risk exposure). In fact, a PCE might have the interest to block a request if it is arriving from a malicious or a competitor provider. In this scenario, the PCEs cooperation could benefit from a trust management model that accounts for the quality of the past interactions in terms of security violations while avoiding abuse of path computation services. This work introduces the concepts of Trust Ranking and Quality of Interaction in PCE-based multi-domain backbone networks and elaborates a Bayes trust model to regulate the cooperation among PCEs. Specifically, the proposed trust management model aims at creating a common interest for the PCEs in contributing to effective traffic engineering while avoiding misuse of path computation services. Accordingly, we further propose a trust-aware PCE architecture and an incentive-compatible decision model that stimulate the behaviors of PCEs towards an effective cooperation. Simulation results show that the proposed trust model provides effective incentive-compatible service differentiation to collaborating domains and is effective in detecting malicious PCE behaviors thereby tuning the amount of information returned in the path computation replies.I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.