Reasoning about secrecy for active networks

We develop a language of mobile agents called uPLAN for describing the capabilities of active (programmable) networks. We use a formal semantics for uPLAN to demonstrate how capabilities provided for programming the network can affect the potential flows of information between users. In particular, we formalize a concept of security against attacks on secrecy by an 'outsider' and show how basic protections are preserved in the presence of programmable network functions such as user-customized labeled routing.

[1]  Steven M. Bellovin,et al.  Using the Domain Name System for System Break-ins , 1995, USENIX Security Symposium.

[2]  Jon G. Riecke,et al.  The SLam calculus: programming with secrecy and integrity , 1998, POPL '98.

[3]  P. J. Landin The Mechanical Evaluation of Expressions , 1964, Comput. J..

[4]  Gary Scott Malkin RIP Version 2 Protocol Applicability Statement , 1994, RFC.

[5]  Hilarie K. Orman,et al.  Activating Networks: A Progress Report , 1999, Computer.

[6]  Angelos D. Keromytis,et al.  A secure PLAN , 1999, IEEE Trans. Syst. Man Cybern. Part C.

[7]  A GunterCarl,et al.  Formal verification of standards for distance vector routing protocols , 2002 .

[8]  John V. Guttag,et al.  ANTS: a toolkit for building and dynamically deploying network protocols , 1998, 1998 IEEE Open Architectures and Network Programming.

[9]  Gérard Berry,et al.  The chemical abstract machine , 1989, POPL '90.

[10]  Martín Abadi,et al.  A Calculus for Cryptographic Protocols: The spi Calculus , 1999, Inf. Comput..

[11]  Dimitri P. Bertsekas,et al.  Data Networks , 1986 .

[12]  Martín Abadi,et al.  Secrecy by typing in security protocols , 1999, JACM.

[13]  Carl A. Gunter,et al.  PLAN: a packet language for active networks , 1998, ICFP '98.

[14]  José Meseguer,et al.  Specification and Formal Analysis of a PLAN Algorithm in Maude , 2000, ICDCS Workshop on Distributed System Validation and Verification.

[15]  Carl A. Gunter,et al.  PLANet: an active internetwork , 1999, IEEE INFOCOM '99. Conference on Computer Communications. Proceedings. Eighteenth Annual Joint Conference of the IEEE Computer and Communications Societies. The Future is Now (Cat. No.99CH36320).

[16]  William A. Arbaugh,et al.  The SwitchWare active network architecture , 1998, IEEE Netw..

[17]  Carl A. Gunter,et al.  Formal Veri cation of Standards for Distance Vector Routing Protocols KARTHIKEYAN BHARGAVAN, DAVOR OBRADOVIC, and CARL A. GUNTER , 2022 .

[18]  Angelos D. Keromytis,et al.  A secure active network environment architecture: realization in SwitchWare , 1998, IEEE Netw..

[19]  Carl A. Gunter,et al.  Formal verification of standards for distance vector routing protocols , 2002, JACM.

[20]  John Moy,et al.  OSPF Version 2 , 1998, RFC.

[21]  Martín Abadi,et al.  Security Protocols and Specifications , 1999, FoSSaCS.

[22]  Marianne Shaw,et al.  Active bridging , 1997, SIGCOMM '97.

[23]  Gary Scott Malkin,et al.  RIP Version 2 Carrying Additional Information , 1993, RFC.

[24]  G.J. Minden,et al.  A survey of active network research , 1997, IEEE Communications Magazine.

[25]  Martín Abadi,et al.  A calculus for cryptographic protocols: the spi calculus , 1997, CCS '97.

[26]  Martín Abadi,et al.  Secrecy by Typing inSecurity Protocols , 1997, TACS.