SCION Five Years Later: Revisiting Scalability, Control, and Isolation on Next-Generation Networks

The Internet has been successful beyond even the most optimistic expectations. It permeates and intertwines with almost all aspects of our society and economy. The success of the Internet has created a dependency on communication as many of the processes underpinning the foundations of modern society would grind to a halt should communication become unavailable. However, much to our dismay, the current state of safety and availability of the Internet is far from being commensurate given its importance. Although we cannot conclusively determine what the impact of a 1-minute, 1-hour, 1-day, or 1week outage of Internet connectivity on our society would be, anecdotal evidence indicates that even short outages have a profound negative impact on governmental, economic, and societal operations. To make matters worse, the Internet has not been primarily designed for high availability in the face of malicious actions by adversaries. Recent patches to improve Internet security and availability have been constrained by the current Internet architecture, business models, and legal aspects. Moreover, some of the fundamental design decisions of the current Internet inherently complicate secure operation. To address these issues, we study the design of a next-generation Internet architecture that provides a fundamental building block: highly available point-to-point communication. In addition to availability, the architecture should offer security by design, it should provide incentives for deployment, and it should consider economic and political issues at the design stage. As a solution to address these desired properties, we propose the inter-domain network architecture SCION, which is also an acronym for Scalability, Control, and Isolation on Next-Generation Networks. In this article, we present (a retrospective of) its goals and design decisions, its attacker model and limitations, and 5 years of research conducted since the initial publication [62].