U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

SP 800-189

Resilient Interdomain Traffic Exchange: BGP Security and DDoS Mitigation

Date Published: December 2019

Supersedes: SP 800-54 (07/17/2007)

Planning Note (4/27/2021): The NIST RPKI Monitor is a test and measurement tool designed to monitor the dynamics of the global Resource Public Key Infrastructure (RPKI) and the impact of RPKI Route Origin Validation (ROV) on Internet routing. Its purpose is to provide measurement data and analyses to the research, standardization, and operations communities necessary to improve the trust and confidence in the underlying technologies.  

Author(s)

Kotikalapudi Sriram (NIST), Douglas Montgomery (NIST)

Abstract

Keywords

routing security and robustness; Internet infrastructure security; Border Gateway Protocol (BGP) security; prefix hijacks; IP address spoofing; distributed denial-of-service (DDoS); Resource Public Key Infrastructure (RPKI); BGP origin validation (BGP-OV); prefix filtering; BGP path validation (BGP-PV); BGPsec; route leaks; source address validation (SAV); unicast Reverse Path Forwarding (uRPF); remotely triggered black hole (RTBH) filtering; flow specification (Flowspec)
Control Families

None selected

Documentation

Publication:
SP 800-189 (DOI)
Local Download

Supplemental Material:
NIST RPKI Deployment Monitor (web)

Document History:
12/17/18: SP 800-189 (Draft)
10/17/19: SP 800-189 (Draft)
12/17/19: SP 800-189 (Final)

Topics

Security and Privacy
configuration management; public key infrastructure; threats

Technologies
networks

Applications
communications & wireless