US 12,149,626 B1
Applying attestation to BGP-LS
Clarence Filsfils, Brussels (BE); Peter Psenak, Bratislava (SK); Ketan Jivan Talaulikar, Pune (IN); and Paul W. Wells, Eden Prairie, MN (US)
Assigned to CISCO TECHNOLOGY, INC., San Jose, CA (US)
Filed by Cisco Technology, Inc., San Jose, CA (US)
Filed on Nov. 8, 2019, as Appl. No. 16/678,663.
Claims priority of provisional application 62/829,468, filed on Apr. 4, 2019.
Int. Cl. H04L 9/32 (2006.01); H04L 9/40 (2022.01); H04L 43/0811 (2022.01)
CPC H04L 9/3234 (2013.01) [H04L 43/0811 (2013.01); H04L 63/0209 (2013.01)] 20 Claims
OG exemplary drawing
 
1. An apparatus of a Border Gateway Protocol-Link State (BGP-LS) environment, the apparatus comprising:
a crypto-processor;
one or more processors; and
one or more computer-readable non-transitory storage media coupled to the one or more processors and comprising instructions operable when executed by the one or more processors to cause the one or more processors to perform operations comprising:
receiving an attestation token generated by the crypto-processor;
generating a determination of whether the attestation token is valid;
computing a trust level for a first component based at least on the determination of whether the attestation token is valid;
encoding a Node Network Layer Reachability Information (NLRI) type, the trust level and the attestation token in a BGP-LS signaling message, wherein the trust level represents a level of trustworthiness of the NLRI type; and
sending the BGP-LS signaling message with the trust level and the encoded attestation token to a second component of the BGP-LS environment.