Summary: BGP enables as a network of networks, and is also a network of trust. The most clear instantiation of that trust is the updating of router tables based on unsubstantiated announcements. The positive result of this trust is that the network can be extremely responsive to failures, and recover quickly. Yet the very trust that enables resilience creates risks from behavior lacking either technical competence or benevolence. Threats to the control plane have included political interference, misguided network configurations, and other mischief. Our goal is to look at solutions that treat BGP as an economic political artifact that embeds trust, and change the game in BGP defense.One step is to classify route updates along a continuum of trust, exploring new algorithms that will give a measure of integrity assurance to BGP updates. We have explored the application of machine learning techniques with the variety of data available (technical, rates of change, economic, and geopolitical) as network topology is changed via BGP updates in order to generate probabilistic (not only cryptographic) trust indicators for those changes. With this understanding, we develop technologies that embed economic incentives that have immediate value to the adopting party and also have second order system-wide security properties. In this talk I begin with the definition of the problem as economic, describe empirical work in macro-economics of security, and close with the description of an example solution called Bongo.' About the speaker: Jean Camp is a Professor at the School of Informatics and Computing at Indiana University. She joined Indiana after eight years at Harvard's Kennedy School where her courses were also listed in Harvard Law, Harvard Business, and the Engineering Systems Division of MIT. She spent the year after earning her doctorate from Carnegie Mellon as a Senior Member of the Technical Staff at Sandia National Laboratories. She began her career as an engineer at Catawba Nuclear Station and with a MSEE at University of North Carolina at Charlotte. Her research focuses on the intersection of human and technical trust, levering economic models and human-centered design to create safe, secure systems. She is the author of two monographs. In addition, she has authored more than one hundred fifty publications, including more than one hundred peer-reviewed publications.
