One of the important directions for improving modern Wide Area Networks is efficient and secure packet routing. Efficient routing is often based on shortest paths, while ensuring security involves preventing packet interception. This work is devoted to improving the security of data transmission in IP networks. A new approach is proposed to minimize the number of distrustful nodes on the path of IP packet transmission. By a distrustful node, we mean a node that works correctly in terms of hardware and software and fully implements its data transport functions, but whose organizational subordination leaves us unsure whether it will comply with the security rules that prevent unauthorized access to and interception of data. A distrustful node can be either a transit or an end node. To implement this approach, we modified Dijkstra’s shortest path tree construction algorithm. The modified algorithm ensures that we obtain a path that passes only through trustful nodes, if such a path exists. If there is no such path, the path will have the minimum possible number of distrustful intermediate nodes. The number of intermediate nodes in the path was used as the metric for obtaining the shortest path trees. Routing tables of routers built from trees obtained with the modified algorithm provide increased security of data transmission by minimizing the use of distrustful nodes.
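One way to obtain the behaviour the abstract describes, as an added example rather than the paper's own algorithm: Dijkstra run over lexicographic labels (distrustful intermediate nodes, hops), so trust is minimized first and hop count breaks ties. The topology, node names and function names are constructed for illustration.

```python
import heapq

def trust_aware_tree(graph, distrustful, source):
    """Shortest path tree minimizing (distrustful intermediate nodes, hops).

    Returns (best, parent): best[v] is the label of the chosen path to v,
    parent[v] is v's predecessor in the tree.
    """
    best = {source: (0, 0)}
    parent = {source: None}
    heap = [(0, 0, source)]
    done = set()
    while heap:
        d, h, u = heapq.heappop(heap)
        if u in done:
            continue  # stale heap entry, a better label was already settled
        done.add(u)
        # u is an intermediate node for everything reached through it; the
        # source and the final destination are endpoints and are not counted.
        step = 1 if (u != source and u in distrustful) else 0
        for v in graph[u]:
            cand = (d + step, h + 1)
            if v not in done and (v not in best or cand < best[v]):
                best[v] = cand
                parent[v] = u
                heapq.heappush(heap, (*cand, v))
    return best, parent

def path_to(parent, dst):
    """Walk parent pointers back to the source and return the path."""
    path = []
    while dst is not None:
        path.append(dst)
        dst = parent[dst]
    return path[::-1]

# Constructed topology: X and Y are distrustful routers.
GRAPH = {
    "A": ["B", "X"], "B": ["A", "C"], "C": ["B", "D"],
    "D": ["C", "X", "Y"], "X": ["A", "D", "F", "Y"],
    "F": ["X"], "Y": ["D", "X", "G"], "G": ["Y"],
}
DISTRUSTFUL = {"X", "Y"}

if __name__ == "__main__":
    best, parent = trust_aware_tree(GRAPH, DISTRUSTFUL, "A")
    for node in sorted(best):
        print(node, best[node], path_to(parent, node))
```

In this topology D is reached over the three-hop trusted path A-B-C-D instead of the two-hop path through X, while F, which is reachable only through X, gets a path with exactly one distrustful intermediate node.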