Home

About

Advanced Search

Browse by Discipline

Scientific Societies

E-print Alerts

Add E-prints

E-print Network
FAQHELPSITE MAPCONTACT US


  Advanced Search  

 
The Price of Safety in an Active Network D. Scott Alexander, Paul B. Menage, Angelos D. Keromytis,
 

Summary: The Price of Safety in an Active Network
D. Scott Alexander, Paul B. Menage, Angelos D. Keromytis,
William A. Arbaugh, Kostas G Anagnostakis, and Jonathan M. Smith
Abstract: Security is a major challenge for "Active Networking,"
as accessible programmability creates numerous opportunities for
mischief. The point at which programmability is exposed, e.g.,
through the loading and execution of code in network elements,
must therefore be carefully crafted to ensure security.
The SwitchWare active networking research project has studied
the architectural implications of various tradeoffs between perfor-
mance and security. Namespace protection and type safety were
achieved with a module loader for active networks, ALIEN, which
carefully delineated boundaries for privilege and dynamic updates.
ALIEN supports two extensions, the Secure Active Network En-
vironment (SANE), and the Resource Controlled Active Network
Environment (RCANE). SANE extends ALIEN's node protection
model into a distributed setting, and uses a secure bootstrap to
guarantee integrity of the namespace protection system. RCANE
provides resource isolation between active network node users, in-
cluding separate heaps and robust time-division multiplexing of the

  

Source: Arbaugh, William A. - Institute for Advanced Computer Studies & Department of Computer Science, University of Maryland at College Park
Yang, Junfeng - Department of Computer Science, Columbia University

 

Collections: Computer Technologies and Information Sciences