In this paper, the authors use the SPI calculus to analyze the demand loading code protocol of active networks and find a security flaw: the protocol is open to replay attacks. The active network model differs from the traditional network model: an active network is compute-storage-forward, whereas a traditional network is storage-forward. Because of this, a replay attack can produce unexpected results in an active network and degrade the performance and efficiency of active nodes. To prevent replay attacks, the authors amend the protocol and strengthen its resistance to replay.