AMP: Experiences with Building an Exokernel-Based Platform for Active Networking
DANCE '02 Proceedings of the 2002 DARPA Active Networks Conference and Exposition
Decentralized trust management
SP'96 Proceedings of the 1996 IEEE conference on Security and privacy
Janos: a Java-oriented OS for active network nodes
IEEE Journal on Selected Areas in Communications
A secure active network environment architecture: realization in SwitchWare
IEEE Network: The Magazine of Global Internetworking
| Hi-index | 0.00 |
This paper analyzes the security requirements and problems with which active nodes are confronted, and proposes a general security management subsystem in Active Network NodeOS. The subsystem implements through four functions: resource management, hop-by-hop authentication, credential management and security policy management. Resource management avoids excessive use of resources by constraining the maximum available resource quantity of each application. Hop-by-hop authentication is realized by adding hop-by-hop integrity option to ANEP header, which accomplishes the previous hop authentication and the hop-by-hop integrity checking. The function of credential management is to obtain the credential, authenticate the validity of the credential, and make origin authentication and end-to-end integrity checking by using the principal's public key carried in the credential. Security policy management is realized by embedding a reformed KeyNote Trust Management system into NodeOS kernel to complete access control to node resource.