US 12,363,175 B2
Advertising BGP destination secure path requirement in global internet
Swadesh Agrawal, Fremont, CA (US); Dhananjaya Kasargod Rao, Sunnyvale, CA (US); Jakob Heitz, Santa Clara, CA (US); and Eric Voit, Bethesda, MD (US)
Assigned to Cisco Technology, Inc., San Jose, CA (US)
Filed by Cisco Technology, Inc., San Jose, CA (US)
Filed on Aug. 19, 2021, as Appl. No. 17/406,321.
Prior Publication US 2023/0054738 A1, Feb. 23, 2023
Int. Cl. H04L 29/06 (2006.01); H04L 9/32 (2006.01); H04L 9/40 (2022.01); H04L 45/00 (2022.01); H04L 45/02 (2022.01); H04L 45/74 (2022.01)
CPC H04L 63/205 (2013.01) [H04L 9/3247 (2013.01); H04L 9/3268 (2013.01); H04L 45/02 (2013.01); H04L 45/54 (2013.01); H04L 45/74 (2013.01); H04L 63/10 (2013.01)] 17 Claims
OG exemplary drawing
 
1. A method comprising:
receiving, at a network node, an advertisement message for a network route including an IP address prefix;
receiving, at the network node, a route origin authorization associated with the IP address prefix, the route origin authorization including a digital signature and a security requirement of a route to a destination that corresponds to the IP address prefix, wherein the security requirement is a score that dictates determination of the route based on factors including one or more of geographical regions, hardware features, and software features network nodes present in the route;
utilizing, by the network node, the security requirement to determine the route by determining one or more additional network nodes that satisfy the security requirement to yield a determination, wherein the determination is made by analyzing a Trusted Platform Module (TPM) of each of the one or more additional network nodes; and
routing, by the network node, the network traffic to the IP address prefix using the route.