research-article

A secure active network environment architecture: realization in SwitchWare

Authors:

D. S. Alexander,

W. A. Arbaugh,

A. D. Keromytis,

J. M. SmithAuthors Info & Claims

IEEE Network: The Magazine of Global Internetworking, Volume 12, Issue 3

Pages 37 - 45

https://doi.org/10.1109/65.690960

Published: 01 May 1998 Publication History

Abstract

An active network is a network infrastructure which is programmable on a per-user or even per-packet basis. Increasing the flexibility of such network infrastructures invites new security risks. Coping with these security risks represents the most fundamental contribution of active network research. The security concerns can be divided into those which affect the network as a whole and those which affect individual elements. It is clear that the element problems must be solved first, since the integrity of network-level solutions will be based on trust in the network elements. In this article we describe the architecture and implementation of a secure active network environment (SANE), which we believe provides a basis for implementing secure network-level solutions. We guarantee that a node begins operation in a trusted state with the AEGIS secure bootstrap architecture. We guarantee that the system remains in a trusted state by applying dynamic integrity checks in the network element's runtime system, using a novel naming system, and applying node-to-node authentication when needed. The construction of an extended LAN is discussed

Cited By

View all

Feamster NRexford JZegura E(2014)The road to SDNACM SIGCOMM Computer Communication Review10.1145/2602204.260221944:2(87-98)Online publication date: 8-Apr-2014
https://dl.acm.org/doi/10.1145/2602204.2602219
Feamster NRexford JZegura E(2013)The Road to SDNQueue10.1145/2559899.256032711:12(20-40)Online publication date: 8-Dec-2013
https://dl.acm.org/doi/10.1145/2559899.2560327
Cao YShao YCai Z(2012)Research on security management in active network node operating systemsProceedings of the 2012 international conference on Web Information Systems and Mining10.1007/978-3-642-33469-6_35(254-263)Online publication date: 26-Oct-2012
https://dl.acm.org/doi/10.1007/978-3-642-33469-6_35
Show More Cited By

Index Terms

A secure active network environment architecture: realization in SwitchWare

Index terms have been assigned to the content through auto-classification.

Recommendations

Research and Design of Secure Communication Model Base on the Active Network
IFCSTA '09: Proceedings of the 2009 International Forum on Computer Science-Technology and Applications - Volume 02

With the development of network, users' demand on network change persistently. Malpractices of the traditional network stand out increasingly, and have limited the further developing of network. The active network is a new type of networks proposed ...
The SwitchWare active network architecture

Active networks must balance the flexibility of a programmable network infrastructure against the safety and security requirements inherent in sharing that infrastructure. Furthermore, this balance must be achieved while maintaining the usability of the ...
Making the Gigabit IPsec VPN Architecture Secure

Avirtual private network uses IPsec to achieve its security. IPsec provides VPNs with confidentiality, data integrity, and end point authentication. Additionally, the VPN provides fordata compression, which increases Internet performance between sites. ...

Comments

Information & Contributors

Information

Published In

cover image IEEE Network: The Magazine of Global Internetworking

IEEE Network: The Magazine of Global Internetworking Volume 12, Issue 3

May 1998

64 pages

ISSN:0890-8044

Issue’s Table of Contents

Publisher

IEEE Press

Publication History

Published: 01 May 1998

Qualifiers

Research-article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

18
Total Citations
View Citations
0
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 17 Oct 2024

Other Metrics

View Author Metrics

Citations

Cited By

View all

Feamster NRexford JZegura E(2014)The road to SDNACM SIGCOMM Computer Communication Review10.1145/2602204.260221944:2(87-98)Online publication date: 8-Apr-2014
https://dl.acm.org/doi/10.1145/2602204.2602219
Feamster NRexford JZegura E(2013)The Road to SDNQueue10.1145/2559899.256032711:12(20-40)Online publication date: 8-Dec-2013
https://dl.acm.org/doi/10.1145/2559899.2560327
Cao YShao YCai Z(2012)Research on security management in active network node operating systemsProceedings of the 2012 international conference on Web Information Systems and Mining10.1007/978-3-642-33469-6_35(254-263)Online publication date: 26-Oct-2012
https://dl.acm.org/doi/10.1007/978-3-642-33469-6_35
Cristea MStrijkers RMarchal DGommans Lde Laat CMeijer R(2009)Supporting communities in programmable grid networksProceedings of the 11th IFIP/IEEE international conference on Symposium on Integrated Network Management10.5555/1688933.1688996(406-413)Online publication date: 1-Jun-2009
https://dl.acm.org/doi/10.5555/1688933.1688996
Lakshminarayanan KAdkins DPerrig AStoica I(2008)Securing user-controlled routing infrastructuresIEEE/ACM Transactions on Networking10.1109/TNET.2007.90398016:3(549-561)Online publication date: 1-Jun-2008
https://dl.acm.org/doi/10.1109/TNET.2007.903980
Orlovsky ARaz DCho YWainwright RHaddad HShin SKoo Y(2007)Decentralized enforcement of security policies for distributed computational systemsProceedings of the 2007 ACM symposium on Applied computing10.1145/1244002.1244064(241-248)Online publication date: 11-Mar-2007
https://dl.acm.org/doi/10.1145/1244002.1244064
Gil YArtz DCarr LDe Roure DIyengar AGoble CDahlin M(2006)Towards content trust of web resourcesProceedings of the 15th international conference on World Wide Web10.1145/1135777.1135861(565-574)Online publication date: 23-May-2006
https://dl.acm.org/doi/10.1145/1135777.1135861
Bhargava BWang SKhan MHabib A(2005)Multimedia data transmission and control using active networksComputer Communications10.1016/j.comcom.2004.08.02028:6(623-639)Online publication date: 1-Apr-2005
https://dl.acm.org/doi/10.1016/j.comcom.2004.08.020
Gabrijelčič DBlaič BTasič J(2005)Future active Ip networks security architectureComputer Communications10.1016/j.comcom.2004.08.01228:6(688-701)Online publication date: 1-Apr-2005
https://dl.acm.org/doi/10.1016/j.comcom.2004.08.012
Kakkar PGunter CAbadi M(2003)Reasoning about secrecy for active networksJournal of Computer Security10.5555/859246.85925111:2(245-287)Online publication date: 1-Mar-2003
https://dl.acm.org/doi/10.5555/859246.859251
Show More Cited By

View Options

View options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Abstract

Cited By

Index Terms

Recommendations

Research and Design of Secure Communication Model Base on the Active Network

The SwitchWare active network architecture

Making the Gigabit IPsec VPN Architecture Secure

Comments

Information

Published In

Publisher

Publication History

Qualifiers

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Cited By

View options

Get Access

Login options

Full Access

Figures

Other

Share

Share this Publication link

Share on social media

Affiliations