Communicating sequential processes
Communicating sequential processes
The definition of Standard ML
A security risk of depending on synchronized clocks
ACM SIGOPS Operating Systems Review
Authentication in distributed systems: theory and practice
ACM Transactions on Computer Systems (TOCS)
Authentication and authenticated key exchanges
Designs, Codes and Cryptography
Efficient software-based fault isolation
SOSP '93 Proceedings of the fourteenth ACM symposium on Operating systems principles
Sharing and protection in a single-address-space operating system
ACM Transactions on Computer Systems (TOCS) - Special issue on computer architecture
Extensibility safety and performance in the SPIN operating system
SOSP '95 Proceedings of the fifteenth ACM symposium on Operating systems principles
A Web navigator with applets in Caml
Proceedings of the fifth international World Wide Web conference on Computer networks and ISDN systems
Safe kernel extensions without run-time checking
OSDI '96 Proceedings of the second USENIX symposium on Operating systems design and implementation
Proceedings of the 24th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
From system F to typed assembly language
POPL '98 Proceedings of the 25th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Communicating sequential processes
Communications of the ACM
Protection and the control of information sharing in multics
Communications of the ACM
Secure Internet programming: security issues for mobile and distributed objects
Secure Internet programming: security issues for mobile and distributed objects
Types of specifications of access policies
Secure Internet programming
The role of trust management in distributed systems security
Secure Internet programming
Providing policy-neutral and transparent access control in extensible systems
Secure Internet programming
J-Kernel: a capability-based operating system for Java
Secure Internet programming
The Java Language Specification
The Java Language Specification
Engineering a security kernel for Multics
SOSP '75 Proceedings of the fifth ACM symposium on Operating systems principles
The Multics kernel design project
SOSP '77 Proceedings of the sixth ACM symposium on Operating systems principles
A secure and reliable bootstrap architecture
SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
Alien: a generalized computing model of active networks
Alien: a generalized computing model of active networks
Implementing multiple protection domains in java
ATEC '98 Proceedings of the annual conference on USENIX Annual Technical Conference
ATEC '98 Proceedings of the annual conference on USENIX Annual Technical Conference
Safety and security of programmable network infrastructures
IEEE Communications Magazine
The design and implementation of an operating system to support distributed multimedia applications
IEEE Journal on Selected Areas in Communications
The SwitchWare active network architecture
IEEE Network: The Magazine of Global Internetworking
A secure active network environment architecture: realization in SwitchWare
IEEE Network: The Magazine of Global Internetworking
IWAN '01 Proceedings of the IFIP-TC6 Third International Working Conference on Active Networks
| Hi-index | 0.00 |
The desire for flexible networking services has given rise to the concept of "active networks." Active networks provide a general framework for designing and implementing network-embedded services, typically by means of a programmable network infrastructure. A programmable network infrastructure creates significant new challenges for securing the network infrastructure. This paper begins with an overview of active networking. It then moves to security issues, beginning with a threat model for active networking, moving through an enumeration of the challenges for system designers, and ending with a survey of approaches for meeting those challenges. The Secure Active Networking Environment (SANE) realizes many of these approaches; an implementation exists and provides acceptable performance for even the most aggressive active networking proposals such as active packets (sometimes called "capsules"). We close the paper with a discussion of open problems and an attempt to prioritize them.