Geographic tagging of Routing and Forwarding
Geographic tagging and discovery of Internet Routing and Forwarding
SCION is the first clean-slate Internet architecture designed to provide route control, failure isolation, and explicit trust information for end-to-end communication. As a path-based architecture, SCION end-hosts learn about available network path segments, and combine them into end-to-end paths, which are carried in packet headers. By design, SCION offers transparency to end hosts with respect to the path a packet travels through the network. This has numerous applications related to trust, compliance, and also privacy. By better understanding of the geographic and legislative context of a path, users can for instance choose trustworthy paths that best protect their privacy. Or avoid the need for privacy intrusive and expensive CDN's by selecting resources closer to them. SCION is the first to have such a decentralised system offer this kind of transparency and control to users of the network.
- The project's own website: https://scion-architecture.net
Why does this actually matter to end users?
More and more commercial and public services are digitized and even completely replaced by online platforms and communication channels. For users, businesses and governments, this raises important questions regarding privacy and security. The data created and shared in or between hospitals, banks, companies or municipalities can be sensitive, deeply personal and potentially harmful when it ends up in the wrong hands. All manners of security and privacy protection walls are put in place to prevent this from happening, which nevertheless do not prevent regular and large scale data leaks that sometimes cause real damage to people.
Instead of creating workarounds and improvising defenses for vulnerable points in the route information travels on the internet, SCION instead wipes the slate clean and designs an internet that is secure and private by design. This alternative internet architecture offers users (as well as internet service providers or ISPs) overview and control of their online communication. SCION can ensure path-aware communication where only senders, receivers and ISPs are allowed to set the rules for precisely how internet traffic should be routed across networks and servers, protecting the privacy of everyone involved and ensuring users and hosts have high availability, bandwidth and little to know vulnerabilities to for example DDoS attacks.
This project wants to give users and network administrators even more control over how data and communication travels by adding specific geographic data to the road traveled. For example, where is the datacenter or internet exchange point that this particular internet route uses located? This is especially relevant for data and information that is commercially, politically or technically sensitive and that should not end up in a particular country or be forwarded by a party that is known to snoop or censor. In these cases it may not be enough to construct the most optimal or available route, but also the best protected and trustworthy one.
Run by Anapaya Systems
This project was funded through the NGI0 Discovery Fund, a fund established by NLnet with financial support from the European Commission's Next Generation Internet programme, under the aegis of DG Communications Networks, Content and Technology under grant agreement No 825322.
