The research on security architecture for active networks and security mechanism for active nodes

Abstract

Active network is a new network architecture of the last few years, in which active nodes provide programmable network services on passing packets. Users can configure, extend and download these services through active packets. However, the flexibility of network brings serious security problems. Because there are always malicious attackers in network, we must limit users' access to the resources and statuses of active routers to guarantee their safe running. Because traditional routers are mainly responsible for packets forwarding, and lack enough security support to router software, it's necessary to design consummate active network security architecture. This paper defines the integrated security architecture of active network, and provides safe protection to each phase of active codes during their running. And we also define the security architecture of active nodes, and bring forward the resource managing mechanism based on access control. The security architecture and mechanism introduced by this paper have been implemented in Extensible Service Router prototype system.