Abstract
Active network technology enables fast deployment of new network services tailored to the specific needs of end users, among other features. Nevertheless, security is still a main concern when considering the industrial adoption of this technology. In this article we describe an open security architecture for active network platforms that follow the discrete approach. The proposed solution provides all the required security features, and it also grants proper scalability of the overall system, by using a distributed key-generation algorithm. The performance of the proposal is validated with experimental data obtained from a prototype implementation of the solution.
Chapter PDF
Similar content being viewed by others
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
Wetherall, D. J., Legedza, U., Guttag, J.: Introducing new Internet services: Why and How. IEEE Network Magazine, 1998.
Tennenhouse, D. L., Wetherall, D. J.: Towards an Active Network Architecture Computer Communication Review. Vol. 26, No. 2, April 1996.
Decasper, D., Plattner, B.: DAN: Distributed Code Caching for Active Networks. IEEE Infocom.98. San Francisco, California, March/April 1998.
Decasper, D., Parulkar, G., Choi, S., DeHart, J., Wolf, T., Plattner, B.: A Scalable, High Performance Active Network Node. IEEE Network, Jan 1999. Vol.13, num.1, pag 8–19.
Larrabeiti, D., Calderón, M., Azcorra, A., Urueña, M.: A practical approach to network-based processing. 4th International Workshop on Active Middleware Services, July 2002.
Berson, S., Braden, B., Ricciulli, L.: Introduction to the Abone. February 11, 2002.
Braden, B., Cerpa, A., Faber, T., Lindell, B., Pillips, G., Kann, J., Shenoy, V.: Introduction to the ASP Execution Environment (v1.5). November 30, 2001.
Krawczyk, H., Bellare, M., Canetti, R.: HMAC: Keyed-Hashing for Message Authentication. RFC 2104, April 1997.
Dierks, T., Allen, C.: The TLS protocol Version 1.0. RFC2246. January 1999.
Wetherall, D., Guttag, J., Tennenhouse D. L.: ANTS: A Toolkit for Building and Dynamically Deploying Network Protocols. Proceedings IEEE OPENARCH98, April 1998.
AN Security Working Group. Security Architecture for Active Nets. November 13, 2001.
Murphy, S., Lewis, E., Puga, R., Watson, R., Yee, R.: Strong Security for Active Networks. Proceedings IEEE OPENARCH01. April, 27 2001.
Faber, T., Braden, B., Lindell, B., Berson, S., Bhaskar, K.: Active Network Security for the ABone. November 30, 2001.
Lindell, B.: Protocol Specification for Hop-By-Hop Message Authentication and Integrity. Dec. 1999.
Scott Alexander et al. A Secure Active network architecture: Realization in the SwitchWare. IEEE Network, May/June 1998, vol 12, no. 3.
Arbaugh, W. et al. Automated Recovery in a Secure Bootstrap Process. Network and Distributed Systems Symposium, Internet Society, March 1998.
Diffie, W., van Oorschot, P., Wiener, M.: Authentication and Authenticated Key Exchanges. Design, Codes and Cryptography, vol. 2, 1992.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2002 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Bagnulo, M., Alarcos, B., Calderón, M., Sedano, M. (2002). ROSA: Realistic Open Security Architecture for Active Networks. In: Sterbenz, J., Takada, O., Tschudin, C., Plattner, B. (eds) Active Networks. IWAN 2002. Lecture Notes in Computer Science, vol 2546. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-36199-5_16
Download citation
DOI: https://doi.org/10.1007/3-540-36199-5_16
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-00223-9
Online ISBN: 978-3-540-36199-2
eBook Packages: Springer Book Archive