Email is a crucial technology used in daily interactions of citizens, enterprises and organizations with their respective governments. In this work we are concerned with the country-wide network architecture of mail domains of public administrations. We analyze a dataset of government mail domains in Italy, Germany, the United Kingdom and the United States of America in order to investigate the opportunities for a network attacker to violate security properties of email communication, including availability, in large portions of a country. Issues of this kind are particularly relevant in times of high international tension and in which every country should treat its networks as a potential target for other countries. We define a framework for describing the opportunities for a network attacker in the resolution of mail domain names, resolution of mail server names, access to a mail server. Based on this framework, we investigate in detail a number of issues related to redundancy and distribution of dependencies among networks and autonomous systems. We also analyze the usage in the access to mail domains of Route Origin Authorization (ROA), an important defensive technology for detecting attacks at the IP routing level. Our analysis allows gaining important insights into the actual network architecture of such an important piece of critical infrastructure as government mail domains.

Network architecture and ROA protection of government mail domains: A case study

Bartoli A.
2023-01-01

Abstract

Email is a crucial technology used in daily interactions of citizens, enterprises and organizations with their respective governments. In this work we are concerned with the country-wide network architecture of mail domains of public administrations. We analyze a dataset of government mail domains in Italy, Germany, the United Kingdom and the United States of America in order to investigate the opportunities for a network attacker to violate security properties of email communication, including availability, in large portions of a country. Issues of this kind are particularly relevant in times of high international tension and in which every country should treat its networks as a potential target for other countries. We define a framework for describing the opportunities for a network attacker in the resolution of mail domain names, resolution of mail server names, access to a mail server. Based on this framework, we investigate in detail a number of issues related to redundancy and distribution of dependencies among networks and autonomous systems. We also analyze the usage in the access to mail domains of Route Origin Authorization (ROA), an important defensive technology for detecting attacks at the IP routing level. Our analysis allows gaining important insights into the actual network architecture of such an important piece of critical infrastructure as government mail domains.
2023
10-feb-2023
Pubblicato
https://www.sciencedirect.com/science/article/pii/S0140366423000403
File in questo prodotto:
File Dimensione Formato  
1-s2.0-S0140366423000403-main.pdf

Accesso chiuso

Tipologia: Documento in Versione Editoriale
Licenza: Copyright dell'editore
Dimensione 4.09 MB
Formato Adobe PDF
4.09 MB Adobe PDF   Visualizza/Apri   Richiedi una copia

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11368/3040658
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 0
  • ???jsp.display-item.citation.isi??? ND
social impact