Computing Reviews
Today's Issue Hot Topics Search Browse Recommended My Account Log In
Review Help
Search
SCION : a secure Internet architecture
Perrig A., Szalachowski P., Reischuk R., Chuat L., Springer International Publishing, New York, NY, 2017. 432 pp. Type: Book (978-3-319670-79-9)
Date Reviewed: Nov 16 2018

Researchers, graduate students, and deep practitioners in the Internet systems domain shouldn’t miss out on this body of work. It describes the essential elements of SCION--“an acronym for scalability, control, and isolation on next-generation networks”--and its architecture prototype (V1.0).

It is impossible to imagine a world without the Internet. This ubiquitous infrastructure of the modern economy evolved to its current state over the past four decades. Those who build and operate contemporary Internet systems and components realize its scalability/availability limitations and vulnerability. They dread malicious actions by miscreants that could cause huge losses for individuals, businesses, economies, and societies. This book is therefore very relevant for those involved in inventing and re-engineering the Internet and/or its components for the better.

The issues that SCION focuses on are security/authentication, trust, and establishing “the point-to-point communication fabric in a mobility-centric architecture.” The properties of the SCION architecture are very relevant for a myriad of crucial services, including financial services, blockchain-based solutions, command-and-control infrastructures (for example, Internet of Things (IoT) solutions), and government/military applications. Internet service providers (ISPs) and end users can deploy SCION without “substantial changes to the existing infrastructure.”

Over the past decade, Perrig et al. have created a body of knowledge and experiments, that is, the SCION project and this elegant companion book. Most of the work behind this project came from ETH Zurich and CyLab at Carnegie Mellon University. The beauty of this book is its sharp focus on the subject matter and thoughtful presentation style.

An isolation domain (ISD)--SCION’s fundamental building block--provides strong security guarantees. An ISD is the essential mechanism “for achieving the properties of high availability, transparency, scalability, and ... heterogeneous trust.” It is a logical group of autonomous systems governed by a policy-driven configuration. There are well-defined routing mechanisms among ISDs and inside an ISD. SCION defines control and data plane elements for providing end-to-end paths, control plane isolation, and assured ways for packet forwarding in multipath communication, secured by multiple security mechanisms. The authentication infrastructure of SCION relies on a novel concept called trust root configuration (TRC), which defines a dataset used by all authentication procedures. Specific chapters are dedicated to presenting new contributions in bandwidth reservation, path tracing, the dynamically recreatable key (DRKey), and other novel concepts. The book concludes with an analysis and evaluation of the ideas presented. The bibliography is extensive with 267 entries.

The well-organized presentation starts with architecture vision and an overview. As the reader progresses through the chapters, the topics become more narrow, that is, more in-depth aspects of specific mechanisms, with clearly identified examples. A diamond symbol identifies those chapters and sections that discuss key new contributions, making it easy for readers to quickly identify chapters of interest. The writing is precise and easy to comprehend for those who know the underlying principles.

This book must be included in the essential literature study for researchers formulating problems and comprehending trends related to redesigning the Internet. It is a well-suited reference book for a semester course, with lab work for advanced students of networking/data communication design.

Readers must have fundamental knowledge of the Internet systems architecture, network design components, cryptographic key infrastructure, and cyber security elements. Therefore, this book is for neither beginners in Internet design nor industry practitioners looking for immediately applicable information on securing their infrastructures and applications on the Internet.

This book does a fantastic job of presenting the SCION team’s decade-long work. For aspiring SCION collaborators, it is a treasure.

Reviewer:  Sundara Nagarajan Review #: CR146323 (1902-0010)
Bookmark and Share
  Reviewer Selected
Featured Reviewer
 
 
Internet (C.2.5 ... )
 
 
Internet (H.4.3 ... )
 
 
Security and Protection (K.6.5 )
 
 
Data Encryption (E.3 )
 
 
Performance of Systems (C.4 )
 
Would you recommend this review?
yes
no
Other reviews under "Internet": Date
The corporate intranet
Bernard R., John Wiley & Sons, Inc., New York, NY, 1996. Type: Book (9780471149293)
Jun 1 1998
The Internet book (2nd ed.)
Comer D., Prentice-Hall, Inc., Upper Saddle River, NJ, 1998. Type: Book (9780138901615)
Sep 1 1998
Delivering voice over IP networks
Minoli D., Minoli E., John Wiley & Sons, Inc., New York, NY, 1998. Type: Book (9780471254829)
Dec 1 1998
more...

E-Mail This Printer-Friendly
Send Your Comments
Contact Us
Reproduction in whole or in part without permission is prohibited.   Copyright 1999-2024 ThinkLoud®
Terms of Use
| Privacy Policy