HSM ÀÚ·á½Ç °ü·ÃÀڷḦ ´Ù¿î·Îµå ¹ÞÀ» ½Ç ¼ö ÀÖ½À´Ï´Ù.
MANRS ¿Í RPKI ¼Ò°³ |
µî·ÏÀÏ | 2016-03-14 |
Á¶È¸¼ö | 1491 |
MANRS(Mutually Agreed Norms for Routing Security)¶õ, InternetÀÇ Routing ±â´ÉÀÇ º¸¾È Ãë¾àÁ¡À» °³¼±Çϱâ À§ÇØ, Internet Society(ISOC)°¡ 2014³â ¸»¿¡, nine network operator(ISP) µé°ú ÇÔ²² ¸¸µç Ç¥ÁØÀÔ´Ï´Ù(Áö±Ý MANRS ÇÁ·Î±×·¥¿¡ Âü¿©ÇÏ°í ÀÖ´Â member ¼ö´Â 40 À̶ó°í ÇÕ´Ï´Ù). º¯Á¶µÈ source IP address¸¦ °¡Áø trafficÀ» ¹æÁöÇÏ°í(º¯Á¶µÈ Source IP address´Â DDoS °ø°Ý¿¡ »ç¿ëµÇ¾î Áö¹Ç·Î, DDoS attackÀ» ¸·´Â ¹æ¹ý ÁßÀÇ Çϳª¶ó°í ÇÔ), routing Á¤º¸¸¦ validationÇÏ¿©, ÀڽŵéÀÇ network¸¦ ÅëÇØ À߸øµÈ routing Á¤º¸°¡ ÀüÇØÁö´Â °ÍÀ» ¹æÁöÇϱâ À§ÇÑ ±â´ÉÀ» Á¤ÀÇÇÑ Ç¥ÁØÀÔ´Ï´Ù. ISOC¿¡ ÀÇÇϸé, »ê¾÷°è ISPµéÀÌ MANRS¸¦ ±¸ÇöÇÏÁö ¾Ê´Â ÀÌÀ¯´Â, Routing Security ½É°¢¼ºÀ» ¸ð¸£°í Àְųª, ¹®Á¦Á¡À» FixÇÒ Àü¹®Àû Áö½ÄÀ» °¡Áö°í ÀÖÁö ¸øÇϱ⠶§¹®À̶ó°í ÇÕ´Ï´Ù. µû¶ó¼ ISOC ¿Í MANRS ¸â¹öµéÀº ¸í·áÇÑ ±¸Çö Áöħ¼¸¦ Á¦°øÇÏ´Â BCOP(Best Current Operational Practices) ¹®¼¸¦ ¸¸µé°í ÀÖ´Ù°í ÇÕ´Ï´Ù. Àü¼¼°è InternetÀÇ ¾à 80%¸¦ Â÷ÁöÇÏ´Â ¼Ò±Ô¸ðÀÇ Áö¿ª ISP¸¦ Áö¿øÇϱâ À§ÇÑ ¸ñÀûÀ̶ó°í ÇÕ´Ï´Ù. MANRS¿¡ ÀÇÇØ Á¦½ÃµÈ ¹æ¾î ±â¼úÀº ¿Ïº®ÇÏÁø ¾ÊÁö¸¸, °ø°ÝÀÚµéÀÇ ¹üÀ§¸¦ ÁÙ¿© ÁÙ °ÍÀ̶ó°í ÇÕ´Ï´Ù. ISOC´Â ¸ðµç Áö¿ª ISPµé¿¡°Ô MANRS¸¦ ±¸ÇöÇÏ´Â Project¿¡ Âü¿© Çϱ⸦ È£¼ÒÇÏ°í ÀÖ½À´Ï´Ù. MANRS´Â 4°¡Áö ActionÀ» ±ÔÁ¤ÇÏ°í ÀÖ½À´Ï´Ù. Action #1 : À߸øµÈ Routing Á¤º¸°¡ ÀüÆĵǴ °ÍÀ» ¸·¾Æ¾ß ÇÑ´Ù. Action #2 : º¯Á¶µÈ Source IP address¸¦ °¡Áø TrafficÀ» ¸·¾Æ¾ß ÇÑ´Ù. Action #3 : Network Operator »çÀÌÀÇ Global operational communication °ú coordinationÀ» ¿ëÀÌÇÏ°Ô ÇØ¾ß ÇÑ´Ù. Action #4 : Global scale·Î Routing Á¤º¸¸¦ Validation ÇØ¾ß ÇÑ´Ù. RPKI(Resource Public Key Infrastructure) systemÀ» ÅëÇϸé, MANRSÀÇ Action #4¸¦ Á» ´õ ¾ÈÀüÇÏ°Ô ±¸ÇöÇÒ ¼ö ÀÖ½À´Ï´Ù. (Âü°í·Î, ÀϺ» JPNIC´Â ÀÌ¹Ì RPKI systemÀ» ±¸ÇöÇÏ¿´À¸¸ç, HSM Àåºñ(KeyperPlus)¸¦ »ç¿ëÇÏ°í ÀÖ½À´Ï´Ù, Çѱ¹ÀÇ KISA(KRNIC ¿î¿µ±â°ü)´Â 2016³âµµ¿¡ RPKI ½ÃÇè½Ã½ºÅÛÀ» ±¸ÃàÇÏ´Â °èȹÀ» °¡Áö°í ÀÖ´Ù°í ÇÕ´Ï´Ù. ) <Âü°íÀÚ·á> Fixing the Internet¡¯s routing security is urgent and requires collaboration, NETWORKWORLD Feb 26th, 2016, by Lucian Constantin Mutually Agreed Norms for Routing Security (MANRS) ; https://www.routingmanifesto.org/manrs/ |
|