Network architecture and ROA protection of government mail domains: A case study
Bartoli A.
2023-01-01
Abstract
Email is a crucial technology used in the daily interactions of citizens, enterprises and organizations with their respective governments. In this work we are concerned with the country-wide network architecture of mail domains of public administrations. We analyze a dataset of government mail domains in Italy, Germany, the United Kingdom and the United States of America in order to investigate the opportunities for a network attacker to violate security properties of email communication, including availability, in large portions of a country. Issues of this kind are particularly relevant in times of high international tension, in which every country should treat its networks as a potential target for other countries. We define a framework for describing the opportunities for a network attacker in the resolution of mail domain names, the resolution of mail server names, and access to a mail server. Based on this framework, we investigate in detail a number of issues related to redundancy and distribution of dependencies among networks and autonomous systems. We also analyze the usage, in the access to mail domains, of Route Origin Authorization (ROA), an important defensive technology for detecting attacks at the IP routing level. Our analysis yields important insights into the actual network architecture of such an important piece of critical infrastructure as government mail domains.

File | Access | Type | License | Size | Format
---|---|---|---|---|---
1-s2.0-S0140366423000403-main.pdf | Open access | Published version | Creative Commons | 4.09 MB | Adobe PDF
1-s2.0-S0140366423000403-main-Post_print.pdf | Embargoed until 10/02/2025 | Final post-refereeing draft (post-print) | Creative Commons | 4.52 MB | Adobe PDF
Documents in IRIS are protected by copyright and all rights are reserved, unless otherwise indicated.