14.6. Conclusion

In this chapter, we present a traffic engineering perspective for resilient services, including an illustration. We discuss the key components needed in the resilient network architecture so that such an adaptive environment is possible, especially to guard against both insider and outsider attacks on a routing infrastructure.

To summarize, the basic problem domain leads us to consider a virtualized trusted routing and provisioning domain, which is complemented with an adaptive traffic engineering mechanism in a semi-reservation-oriented mode to provide prioritized services, especially for resiliency under attacks or overload conditions. We present mechanisms to extend the link-state routing protocol to facilitate such an environment.

There are many issues that remain to be addressed. For instance, when many virtualized domains are created, is there any routing stability problem? In a multiprovider environment, how can the trustedness of different information be extended, and how can the secure group communication framework be applied? How does the routing framework interact with distributed controls? Furthermore, scalability of secure group communication in a large network environment is another direction to explore. We are currently investigating these issues.