Browse > Article
http://dx.doi.org/10.3745/KIPSTC.2003.10C.4.413

Implementation of Security Enforcement Engine for Active Nodes in Active Networks  

Kim, Ok-Kyeung (이화여자대학교 과학기술대학원 컴퓨터학과)
Lim, Ji-Young (한국성서대학교 정보과학부)
Na, Hyun-Jung (이화여자대학교 과학기술대학원 컴퓨터학과)
Na, Ga-Jin (이화여자대학교 과학기술대학원 컴퓨터학과)
Kim, Yeo-Jin (이화여자대학교 과학기술대학원 컴퓨터학과)
Chae, Ki-Joon (이화여자대학교 컴퓨터학과)
Kim, Dong-Young (한국전자통신연구원)
Abstract
An active network is a new generation network based on a software-intensive network architecture in which applications are able to inject new strategies or code into the infrastructure for their immediate needs. Therefore, the secure active node architecture is needed to give the capability defending an active node against threats that may be more dynamic and powerful than those in traditional networks. In this paper, a security enforcement engine is proposed to secure active networks. We implemented an operating engine with security, authentication and a authorization modules. Using this engine, it is possible that active networks are protected from threats of the malicious active node.
Keywords
Active Network; Security Enforcement Engine; Authentication; Authorization;
Citations & Related Records
연도 인용수 순위
  • Reference
1 K. Psounis, 'Active Network: Applications, Security, Safety and Architecture,' IEEE Communications Serveys, 1999
2 L. Dang, 'CANSA (Certificate Active Network Security Architecture),' Basser Department of Computer Science, University of Sydney, 1998
3 M. Blaze, J. Feigenbaum, J. Ioannidis and A. D. Keromytis, 'The Role of Trust Management in Distributed System Security, Secure Internet Programming: Issues in Distributed and Mobile Object Systems,' Lecture Notes on Computer Science, Springer-Verlag, 1999
4 R. H. Campbell, Z. Liu, M. D. Mickunas, P. Naldurg and S. Yi, 'Seraphim: Dynamic Interoperable Security Architecture for Active Networks,' IEEE OPEKARCH 2000, Tel-Aviv, Israel, Mar., 2000   DOI
5 D. S. Alexander, W. A. Arbaugh, A. D. Keromytis and J. M. Smith, 'A Secure Active Network Environment Architecture : Realization in SwitchWare,' IEEE Network Magazine, special issue on Active and Programmable Networks, 12(3), 1998   DOI   ScienceOn
6 Security Architecture for Active Xets by AN Security Working Group: 1998, Modified by Seraphim Group, 2000
7 S. Merugu, S. Bhattacharjee, Y. Chae, M. Sanders, K. Callert and E. Zegura, 'Bowman and CANEs : Implementation of an Active Network,' Invited paper at 37th Annual Alerton Conference, Monticello, IL, Sep., 1999
8 M. Wood and M. Erlinger, 'Intrusion Detection Message Exchange Requirements: draft-ietf-idwg-requirements-10.txt,' Oct., 2002
9 D. S. Alexander, B. Braden, C. A. Gunter, A. W. Jackson, A. D. Keromytis, G. J. Minden and D. Wetherall, 'Active Network Encapsulation Protocol (ANEP),' http://www.cis.upenn.edu/switchware/ANEP/docs/ANEP.txt, 1997
10 H. Houseley, W. Ford, W. Polk and D. Solo, 'Internet X.509 Public Key Infrastructure : X.509 Certificate and CRL Pro file,' RFC2459, Jan., 1999
11 S. Berson, B. Braden and S. Dawson, 'Evolution of an Ac eve Networks Testbed,' Presentation at DARPA Active Networks Conference and Exposition 2002, San Francisco, CA, May, 2002   DOI
12 Defense Advanced research Projects Agency, http://www.darpa.mil/ato/programs/activenetworks/actnet.htm
13 B. Kaliski, 'RSA Digital Signature Standards,' RSA Laboratories. RSA Conference. 2000
14 A. Galis, B. Plattner, J. M.Smith, S. Denazis, E. Moeller, H. Guo, C. Klein, J. Serrat, J. Laarhuis, G. T. Karetsos and C. Todd 'A Flexible IF Active Networks Architecture,' WAN 2000 Conference, Nov., 2000
15 M. Collins, 'Improving Open Web Architectures,' University of Dublin, Sep., 2000
16 M. Bellare, J. Kilian and P. Rogaway, 'The Security of the Cipher Block Chaining Message Authentication Code,' Computer and System Science, Vol.61, No.3, pp.362-399, Dec., 2000   DOI   ScienceOn
17 J. Hu, 'Smart Packets: Applying Active Networks to Network Management,' BBN Technologies, Sep., 2002