Abstract
Active networks allow user-controlled network programmability. A security framework has to assure that an active networks infrastructure will behave as expected and will efficiently deal with malicious attacks, unathorized attempts to execute active code etc. We present here a security architecture that is designed within the FAIN project and aims at supporting multiple heterogeneous execution environments. We argue for the pros and cons as well as why we have selected the specific components and also take a look at their interworking in order to provide the security services to the execution environments our active network node hosts.
The original version of this chapter was revised: The copyright line was incorrect. This has been corrected. The Erratum to this chapter is available at DOI: 10.1007/978-0-387-35612-9_23
Chapter PDF
Similar content being viewed by others
References
ITU-T X.509 (2000) — ISO/IEC 9594–8:2000 - information technology - open systems interconnection -the directory: Public-key and attribute certificate frameworks. Final Draft International Standard, June 2000.
Fain project home page, http://face.ee.ucl.ac.uk/fain/.
Active Network Working Group. Architectural Framework for Active Networks Version 1.1, december 2001.
Active Networks Security Working Group. Security Architecture for Active Nets, maj 2001.
D. Scott Alexander, William A. Arbaugh, Angelos D. Keromytis, and Jonathan M. Smith. Security in active networks. In Secure Internet Programming: Issues in Distributed and Mobile Object Systems, Lecture Notes in Computer Science State-of-the-Art. Springer-Verlag, 2000.
D. Scott Alexander, Bob Braden, Carl A. Gunter, Alden W. Jackson, Angelos D. Keromytis, Gary J. Minden, and David Wetherall. Active network encapsulation protocol (anep). Active Network Group draft, july 1997.
Andrew W. Appel, Edward W. Felten, and Zhong Shao. Scaling proof-carrying codeto production compilers and security policies. whitepaper, January 1999.
Matt Blaze, Joan Feigenbaum, John Ioannidis, and Angelos D. Keromytis. RFC 2704: The KeyNote trust-management system, version 2, september 1999.
Li Gong. Java security architecture (JDK1. 2 ). Technical report, Sun Microsystems, oktober 1998.
Active Networks Working Group. SANTS Security Overview, May 2000.
H. Krawczyk, M. Bellare, and R. Canetti. Hmac: Keyed-hashing for message authentication. RFC2104, Informational, februar 1997.
Zhaoyu Liu, Prasad Naldurg, Seung Yi, Roy H. Campbell, and M. Dennis Mickunas. Seraphim: Dynamic interoperable security architecture for active networks. In Proceedings OpenArch 2000. University of Illinois, Urbana-Champagain, marec 2000.
Murphy S., Lewis E., Puga R., Watson R., and Yee R. Strong security for active networks. In IEEE OPENARCH 2001 Proceedings, april 2001.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2002 IFIP International Federation for Information Processing
About this chapter
Cite this chapter
Gabrijelčič, D., Savanović, A., Blažič, B.J. (2002). Towards Security Architecture for Future Active IP Networks. In: Jerman-Blažič, B., Klobučar, T. (eds) Advanced Communications and Multimedia Security. IFIP — The International Federation for Information Processing, vol 100. Springer, Boston, MA. https://doi.org/10.1007/978-0-387-35612-9_14
Download citation
DOI: https://doi.org/10.1007/978-0-387-35612-9_14
Publisher Name: Springer, Boston, MA
Print ISBN: 978-1-4757-4405-7
Online ISBN: 978-0-387-35612-9
eBook Packages: Springer Book Archive