微信服务号

微信订阅号

2025-5-16- 17
Home > Archive>Volume 13, Issue 8, 2002 >1352-1360
PDF HTML XML Export Cite reminder
Design of Secure System Architecture Model for Active Network
Author:
Affiliation:

  • Article
    • | |
  • Metrics
    • |
  • Reference [15]
    • |
  • Related [20]
    • |
  • Cited by [11]
    • | |
  • Comments
    Abstract:

    In this paper, the assumption model and the threat model of active network security system are introduced. A secure system architecture model based on these models and security requirement is presented. Definition of secure system architecture model includes authentication, authorization, integrity and encryption. To protect the integrity of the contents of active packet, the encryption and the digital signatures can be employed and the authorization mechanisms or policies are defined and enforced to provide controlled access to the active node resources.

    Reference
    [1] Tennenhouse, D., Wetherall, D. Towards an active network architecture. In: Proceedings of the Multimedia Computing and Networking 1996. San Jose, CA, 1996.
    [2] O'Malley, S.W., Peterson, L.L. A dynamic network architecture. ACM Transactions on Computer Systems, 1992,10(2):110~143.
    [3] A Security Working Group. 2000. http://www.choices.cs.uiuc.edu/Security/seraphim/May2000/SecurityArchitecture.pdf.
    [4] Lindell, B. Active networks protocol specification for hop-by-hop message authentication and integrity. April 2000. http://www.isi.edu/abone/Documents/Ossec.txt.
    [5] Campbell, R.H. Liu, Zhao-yu. Dynamic interoperable security architecture for active network. IEEE OPENARCH 2000, Israel, March 2000. 32~41.
    [6] Liu, Zhao-yu, Naldurg, P. Agent based architecture for supporting application level security. In: Proceedings of the DARPA Information Survivability Conference and Exposition. Hilton Head Island, 2000. 129~143.
    [7] Liu, Zhao-yu, Campbell, R.H. Securing the node of active networks. In: Hariri, S., Lee, C., eds. Active Middleware Services. Boston, MA: Kluwer Academic Publishers, September 2000.
    [8] Alexander, D.S. Safely and security of programmable network infrastructures. IEEE Communication Magazine, 1998,36(10): 84~92.
    [9] Alexander, D.S. Security in active networks. LNCS 1603, 1999.
    [10] Smith, J.M. Activating networks: a progress report. Computer, 1999,32(4):32~41.
    [11] A Security Working Group. Security architecture for active nets. 1998. ftp://ftp.tislabs.com/pub/activenets/secrarch2.ps.
    [12] Tennenhouse, D.L. A survey of active network research. IEEE Communications Magazine, 1997,35(1):80~86.
    [13] A Node OS Working Group. NodeOS interface specification. 2000. http://www.cs.princeton.edu/nsg/papers/nodeos.ps
    [14] Cavert, K.L. Architecture framework for active networks. http://www.cc.gatech.edu/projects/canes/papers/arch1-0.ps.gz.
    [15] Initial Active Network and Active Node Architecture. 2002. http://www.ist-fain.org/deliverables/del2/d2.pdf.
    Comments
    Comments
    分享到微博
    Submit
Get Citation

夏正友,张世永.主动网络安全结构模型设计.软件学报,2002,13(8):1352-1360

Copy
Share
Article Metrics
  • Abstract:
  • PDF:
  • HTML:
  • Cited by:
History
  • Received:November 29,2001
  • Revised:February 04,2002
Links:Institute of Software, CASChina Computer FederationCASNSFC
You are the first2044982Visitors
Copyright: Institute of Software, Chinese Academy of Sciences Beijing ICP No. 05046678-4
Address:4# South Fourth Street, Zhong Guan Cun, Beijing 100190,Postal Code:100190
Phone:010-62562563 Fax:010-62562533 Email:jos@iscas.ac.cn
Technical Support:Beijing Qinyun Technology Development Co., Ltd.

Beijing Public Network Security No. 11040202500063