SCION Internet Architecture Workshop

SCION (Scalability, Control, and Isolation on Next-Generation Networks) is the first clean-slate Internet architecture designed to fundamentally solve many security issues of today's Internet through route control, failure isolation, and explicit trust information. Conceived 2009 and in production 2017, the native (BGP-free) SCION network spans 7 ISPs over 2 continents. The global research network SCIONLab with ASes in America, Asia, and Europe, which is freely available to researchers worldwide.

This tutorial will give an overview of the SCION architecture, its open-source implementation, and provide hands-on exercises on the SCIONLab testbed. Attendees will run a full-fledged AS within a virtual machine, connect it to the global research testbed. Guided exercises explore SCION's security features such as its control-plane public-key infrastructure (PKI), observe its routing protocol, and multipath capabilities enabled by end-host path selection and packet-carried forwarding state.

One of the key capabilities of SCION is Path Aware Networking (PAN). This allows the network consumer to dictate network policy for each outbound network connection. For example, n application might request a high bandwidth as the data replication path over two redundant paths (network providers) that stay within the US for the data replication. The same application might request a second low latency path for the control messages. The result being multiple different network paths being used all controlled by the network user - rather than the ISP.

Attendees will need to bring a laptop with a SSH client, web browser, and an email account (to register their new SCION AS). The event WiFi will be used to access the remote infrastructure.

Basic Linux CLI (command line interface) knowledge is required. No prior knowledge of SCION is expected or required.

Attendees will have access to the environment for a few days following the workshop.