Securing the Critical Internet Infrastructure is an ongoing challenge for operators that require collaboration across administrative boundaries. Last September something exceptional happened in Ecuador, a small South American country. The entire local network operation community got together to be pioneers in securing its local Internet infrastructure by registering its networks in the Resource Public Key Infrastructure (RPKI) system and implementing secure origin AS validation. This project is a great example on how a global technology change can be accelerated by maximizing its value to local communities.
The global inter-domain routing infrastructure depends on the BGP protocol that was initially developed in the early 90s. Operators know that a number of techniques are needed to improve BGP security (a good reference can be found here). Although these improvements, it is still possible to impersonate the entity with the right of use of Internet resources and produce a prefix hijack as the famous attack in 2007. The IETF, vendors and Regional Internet Registries have been working inside the SIDR working group to create technologies that allow the cryptographic validation. The initial outcomes of this effort have been the RPKI and the BGP origin AS validation; two complementary technologies that work together to improve inter-domain routing security.