Abstract
Concast is a customizable many-to-one network-layer communication service. Although programmable services like concast can improve the efficiency of group applications, accompanying security concerns must be addressed before they are likely to be deployed. The problem of securing such services is interesting because conventional end-to-end security mechanisms are not applicable when messages are processed inside the network, and also because of the potential for interaction among the various policies involved. In this paper we describe our implementation of a secure concast service, which leverages existing network-level security mechanisms (IPsec) to provide secure distribution of program code (merge specifications) as well as authentication of participating nodes. We describe the various policies supported, how they interact, and how our approach provides security against various attacks.
© 2007 Springer Berlin Heidelberg
About this paper
Cite this paper
Calvert, K.L., Griffioen, J., Mullins, B., Poutievski, L., Sehgal, A. (2007). Secure, Customizable, Many-to-One Communication. In: Minden, G.J., Calvert, K.L., Solarski, M., Yamamoto, M. (eds) Active Networks. IWAN 2004. Lecture Notes in Computer Science, vol 3912. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-71500-9_3
DOI: https://doi.org/10.1007/978-3-540-71500-9_3
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-71499-6
Online ISBN: 978-3-540-71500-9
eBook Packages: Computer Science (R0)