The Internet is today intertwined with many aspects of our society. With the increasing digitalization, the dependencies on communication continue to increase. Its unavailability prevents us from making purchases, using public transportation, and communicating with others – essentially living our modern lives. The current Internet has not primarily been built with security and high availability in mind. Attempts to fix these fundamental problems by evolving current systems have limited success.

WHAT IS SCION?

SCION (Scalability, Control, and Isolation On Next-generation networks) is a secure and reliable inter-domain routing protocol, designed from inception to enhance network control and transparency for communicating parties. SCION offers three unique properties critical for business communication: path control, reliability, and security. Designed by researchers at ETH Zürich, and other partner institutions, it is now deployed for critical communication by the finance industry. Switzerland’s government, military and healthcare system are evaluating the use of the SCION technology for themselves in the near future.

SCION At a Glance

Core properties

• Explicit Trust SCION Networks are grouped in ISolation Domains (ISD), establishing a uniform trust environment. ISDs provide transparency and control over the roots of trust that need to be relied upon. A compromised or faulty ISD does not affect others, allowing sovereign network operation.
• Routing A distributed control plane constructs and disseminates path segments. Routing information is protected cryptographically. SCION is used for inter-domain routing only, allowing ISPs to reuse existing intra-domain network infrastructure.
• Packet Forwarding SCION hosts combine path segments into end to end paths. Packets carry authenticated forwarding state, so routers are simple and efficient thanks to the absence of inter-domain forwarding tables.
  Legacy IP hosts can benefit from SCION thanks to a SCION IP Gateway (SIG).

How does it work

As a path-based architecture, SCION end hosts learn about available network path segments, and combine them into end-to-end paths that are carried in packet headers. Thanks to embedded cryptographic mechanisms, path construction is constrained to the route policies of ISPs and receivers, offering path choice to all the parties: senders, receivers, and ISPs. This approach enables path-aware communication, an emerging trend in networking. These features also enable multi-path communication, which is an important approach for high availability, rapid failover in case of network failures, increased end-to-end bandwidth, dynamic traffic optimization, and resilience to DDoS attacks.

The Ecosystem

With growing adoption, SCION is evolving into a global ecosystem of providers, users, vendors, and researchers.

Finance

SCION powers the the Secure Swiss Finance Network (SSFN) to provide a highly reliable and secure communication fabric for financial institutions.

Healthcare

The Swiss healthcare system can leverage the SCION-based HIN Vertrauensraum for secure communication.

Power

The use of SCION is being evaluated for use in the power industry.

Education

SCION Education network

Vendors

• Anapaya

Telecoms

SCION empowers ISPs and service providers to establish new products and services – even enabling completely new business models. Some existing SCION offerings:

• Cyberlink
• InfoGuard
• InterCloud
• GEANT
• LG U+
• Sunrise
• Swiss-IX (SCION peering)
• Swisscom
• SWITCH
• Telindus
• VTX

Integrators

• libC SwissPKI
• Eraneos

Research and Education

• SCIONLab global R&D testbed
• SCION Education Network

SCION Research Website

Resources

Resources