The OKE Corral: Code Organisation and Reconfiguration at Runtime Using Active Linking

  • Herbert Bos
  • Bart Samwel
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 2546)


The OKE Corral is an active network environment which allows third-party active code to configure an active node’s code organisation at any level, including the kernel. Using the safety properties of an open kernel environment and a simple ‘Click-like’ software model, third parties are able to load native code anywhere in the processing hierarchy and connect it to existing components at runtime.


Active Network Security Policy Trust Management Kernel Module Active Code 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. [AHK+98]
    D. Scott Alexander, Michael Hicks, Pkaj Kakkar, Angelos Keromytis, Marianne Shaw, Jonathan Moore, Carl Gunter, Trevor Jim, Scott M. Nettles, and Jonathan Smith. The SwitchWare active network implementation. In Proceedings of the 1998 ACM SIGPLAN Workshop on ML, 1998.Google Scholar
  2. [AIM+02]
    K. G. Anagnostakis, S. Ioannidis, S. Miltchev, J. Ioannidis, Michael B. Greenwald, and J. M. Smith. Effcient packet monitoring for network management. In Proc. of NOMS’02, April 2002.Google Scholar
  3. [BFIK99]
    M. Blaze, J. Feigenbaum, J. Ioannidis, and A.D. Keromytis. The KeyNote trust-management system version 2. NWG RFC 2704, September 1999.Google Scholar
  4. [BIML01]
    Herbert Bos, Rebecca Isaacs, Richard Mortier, and Ian Leslie. Elastic networks: An alternative to active networks. JCN (Special Issue Programmable Switches and Routers), 3(2):153–164, June 2001.Google Scholar
  5. [BS02]
    Herbert Bos and Bart Samwel. Safe kernel programming in the OKE. In Proceedings of OPENARCH’02, New York, USA, June 2002.Google Scholar
  6. [BSP+95]
    B. Bershad, S. Savage, P. Pardyak, E.G. Sirer, D. Becker, M. Fiuczynski, C. Chambers, and S. Eggers. Extensibility, safety and performance in the SPIN operating system. In Proc of SOSP-15), pages 267–284, 1995.Google Scholar
  7. [CM01]
    Benjie Chen and Robert Morris. Flexible control of parallelism in a multiprocessor pc router. In Proc. of USENIX Annual Technical Conference (USENIX’ 01), pages 333–346, Boston, Massachusetts, June 2001.Google Scholar
  8. [DPP99]
    D. Decasper, G. Parulkar, and B. Plattner. A scalable, high performance active network node. IEEE Network, January 1999.Google Scholar
  9. [EKO94]
    Dawson R. Engler, M. Frans Kaashoek, and James W. O’Toole Jr. The exokernel approach to extensibility. In Proc. of OSDI’94, page 198, Monterey, California, November 1994.Google Scholar
  10. [HP91]
    N. C. Hutchinson and L. L. Peterson. The x-kernel: An architecture for implementing network protocols. IEEE Trans. on Software Engineering, 17(1):64–76, 1991.CrossRefGoogle Scholar
  11. [JMG+02]
    Trevor Jim, Greg Morrisett, Dan Grossman, Michael Hicks, James Cheney, and Yanling Wang. Cyclone: A safe dialect of C. In Proceedings of USENIX 2002 Annual Technical Conference, June 2002.Google Scholar
  12. [LMB+96]
    Ian Leslie, Derek McAuley, Richard Black, Timothy Roscoe, Paul Barham, David Evers, Robin Fairbairns, and Eoin Hyden. The Design and Implementation of an Operating System to Support Distributed Multimedia Applications. JSAC, 14(7), September 1996.Google Scholar
  13. [MBC+99]
    S. Merugu, S. Bhattacharjee, Y. Chae, M. Sanders, K. Calvert, and E. Zegura. Bowman and canes: Implementation of an active network, 1999.Google Scholar
  14. [MJ93]
    Steven McCanne and Van Jacobson. The BSD Packet Filter: A new architecture for user-level packet capture. In Proceedings of the 1993 Winter USENIX conference, San Diego, Ca., January 1993.Google Scholar
  15. [NL96]
    George Necula and Peter Lee. Safe kernel extensions without run-time checking. In Proceedings of OSDI’96, Seattle, Washington, October 1996.Google Scholar
  16. [NLA+02]
    N. Shalaby, L. Peterson, A. Bavier, Y. Gottlieb abd S. Karlin, A. Nakao, X. Qie, T. Spalink, and M. Wawrzoniak. Extensible routers for active networks. In DARPA AN Conference and Exposition, June 2002.Google Scholar
  17. [Rit84]
    D. M. Ritchie. A stream input-output system. AT&T Bell Labs Technical Journal, 63(8):1897–1910, 1984.Google Scholar
  18. [RLAB02]
    R. Keller, L. Ruf, A. Guindehi, and B. Plattner. PromethOS: A dynamically extensible router architecture for active networks. In Proc. of IWAN 2002, Zurich, Switzerland, December 2002. Springer.Google Scholar
  19. [RSTS93]
    R. Wahbe, S. Lucco, T.E. Anderson, and S.L. Graham. Effcient softwarebased fault-isolation. In Proc. of SOSP’93, pages 203–216, December 1993.Google Scholar
  20. [ST93]
    Jonathan M. Smith and C. Brendan S. Traw. Giving applications access to Gb/s networking. IEEE Network, 7(4):44–52, 1993.CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2002

Authors and Affiliations

  • Herbert Bos
    • 1
  • Bart Samwel
    • 1
  1. 1.LIACSLeiden UniversityThe Netherlands

Personalised recommendations