Design of Security Enforcement Engine for Active Nodes in Active Networks

Active networks are a new generation of networks based on a software-intensive network architecture in which applications are able to inject new strategies or code the infrastructure to their immediate needs. Therefore, the secure and safe active node architecture is needed to give the capability defending an active node against threats that may be more dynamic and powerful than those in traditional networks. To secure active networks, the security enforcement engine is proposed in this paper. We implemented our engine with security, authentication and authorization modules. Using this engine, it is possible that active networks are protected from threats of the malicious active node.

[1]  Robert Braden,et al.  Evolution of an active networks testbed , 2002, Proceedings DARPA Active Networks Conference and Exposition.

[2]  Angelos D. Keromytis,et al.  Active network encapsulation protocol (anep) , 1997 .

[3]  Theodore Y. Ts'o,et al.  Kerberos: an authentication service for computer networks , 1994, IEEE Communications Magazine.

[4]  Roy H. Campbell,et al.  Seraphim: dynamic interoperable security architecture for active networks , 2000, 2000 IEEE Third Conference on Open Architectures and Network Programming. Proceedings (Cat. No.00EX401).

[5]  Gustavus J. Simmons,et al.  Contemporary Cryptology: The Science of Information Integrity , 1994 .

[6]  Konstantinos Psounis,et al.  Active networks: Applications, security, safety, and architectures , 1999, IEEE Communications Surveys & Tutorials.

[7]  Ronald L. Rivest,et al.  The MD5 Message-Digest Algorithm , 1992, RFC.

[8]  G.J. Minden,et al.  A survey of active network research , 1997, IEEE Communications Magazine.