Secure, customizable, many-to-one communication
IWAN'04 Proceedings of the 6th IFIP TC6 international working conference on Active networks
| Hi-index | 0.00 |
Realizing large-scale active networks is heavilycontingent upon addressing security concerns at theoutset.Various approaches have been taken towardintegrating security within an active node, each definingthe mechanisms required to be in place within the NodeOS or the Execution Environment in order to providesecurity guarantees within the system.An acceptableshort-term solution to security while deploying an activenetwork in practical testbeds such as the Abone [1] is todivide security concerns into two classes - hop-by-hopand end-to-end.This paper describes an architecture forsetting up hop-by-hop packet authentication andintegrity using non-active, "off-the-shelf" securitycomponents.The intent is for the framework to begeneric enough to serve as an aid in securely deployingany new technology requiring mediated node-nodesecurity associations including, but not limited to activenetworks.