Abstract
Active networks are a new generation of networks based on a software-intensive network architecture in which applications are able to inject new strategies or code the infrastructure to their immediate needs. Therefore, the secure and safe active node architecture is needed to give the capability defending an active node against threats that may be more dynamic and powerful than those in traditional networks. To secure active networks, the security enforcement engine is proposed in this paper. We implemented our engine with security, authentication and authorization modules. Using this engine, it is possible that active networks are protected from threats of the malicious active node.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Tennenhouse, D.L., et al.: A Survey of Active Network Research. IEEE Communications Magazine, 80–86 (January 1997)
Psounis, K.: Active Network: Applications, Security, Safety, and Architecture. IEEE Communications Serveys (1999)
Security Architecture for Active Nets by AN Security Working Group (1998); Modified by Seraphim Group (2000)
Campbell, R.H., et al.: Seraphim: Dynamic Interoperable Security Architecture for Active Networks. In: IEEE OPENARCH 2000, Tel-Aviv, Israel (March 2000)
Dang, L.: CANSA (Certificate Active Network Security Architecture). Basser Department of Computer Science, University of Sydney (1998)
Wood, M., et al.: Intrusion Detection Message Exchange Requirements:draftietf- idwg-requirements-10.txt, October 22 (2002)
Defense Advanced Research Projects Agency, http://www.darpa.mil/ato/programs/activenetworks/actnet.htm
Scot, A.D., et al.: Active Network Encapsulation Protocol (ANEP). Active Network Group Draft (July 1997)
Ellison, C., et al.: SPKI Certificate Theory: rfc2693.txt (September 1999)
Clifford Neuman, B., et al.: Kerberos: An Authentication Service for Computer Networks. IEEE Communications Magazine 32(9), 33–38 (1994)
Housley, R., et al.: Internet X.509 Public Key Infrastructure: X.509 Certificate and CRL Profile. RFC 2459 (January 1999)
Berson, S., et al.: Evolution of an Active Networks Testbed. Presentation at DARPA Active Networks Conference and Exposition 2002, San Francisco, CA, May 29-30 (2002)
Rivest, R.: The MD5 Message-Digest Algorithm. RFC 1321, MIT Laboratory for Computer Science and RSA Data Security, Inc. (April 1999)
ANSI X3.106-1983, American National Standard for Information Systems - Data Encryption Algorithm - Modes of Operation, American National Standards Institute (Approved May 16, 1983)
Mitchell, C.J., et al.: Digital signature. In: Contemporary Cryptology, The Science of Information Integrity, pp. 325–378. IEEE Press, Los Alamitos (1992)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2003 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Lim, JY. et al. (2003). Design of Security Enforcement Engine for Active Nodes in Active Networks. In: Kahng, HK. (eds) Information Networking. ICOIN 2003. Lecture Notes in Computer Science, vol 2662. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-45235-5_34
Download citation
DOI: https://doi.org/10.1007/978-3-540-45235-5_34
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-40827-7
Online ISBN: 978-3-540-45235-5
eBook Packages: Springer Book Archive