ScienceDirect® Home Skip Main Navigation Links
You have guest access to ScienceDirect. Find out more.
 
Home
Browse
My Settings
Alerts
Help
 Quick Search
 Search tips (Opens new window)
    Clear all fields    
Computer Communications
Volume 28, Issue 6, 15 April 2005, Pages 688-701
On Activated and Programmable Internet: Converging Technologies for Internet-based Active and Programmable Systems
 
Font Size: Decrease Font Size  Increase Font Size
 Abstract - selected
Article
Purchase PDF (235 K)

  E-mail Article   
  Add to my Quick Links   
Bookmark and share in 2collab (opens in new window)
Request permission to reuse this article
  Cited By in Scopus (1)
 
 
 
Related Articles in ScienceDirect
View More Related Articles
 
View Record in Scopus
 
doi:10.1016/j.comcom.2004.08.012    How to Cite or Link Using DOI (Opens New Window)
Copyright © 2004 Elsevier B.V. All rights reserved.

Future active Ip networks security architecture

Dušan Gabrijelčiča, Corresponding Author Contact Information, E-mail The Corresponding Author, Borka Jerman Blažiča, E-mail The Corresponding Author and Jurij Tasičb, E-mail The Corresponding Author

aJozef Stefan Institute, Laboratory for Open Systems and Networks, Jamova 39, SI-1000 Ljubljana, Slovenia bFaculty of Electrical Engineering, University of Ljubljana, Trzaska 25, SI-1000 Ljubljana, Slovenia

Received 5 August 2004; 
accepted 5 August 2004. 
Available online 11 September 2004.

Purchase the full-text article



References and further reading may be available for this article. To view references and further reading you must purchase this article.

Abstract

Programmable and active networking principles provide a basis for a flexible and extensible network element architecture. Such architecture enables provision of various services in the network for its users but raises many security concerns and security becomes a key issue in such system. Based on description of the system, possible threats, high level security architecture goals and issues we propose a flexible and general security architecture which was designed and implemented in the context of the Future Active Ip Networks [FAIN project home page. URL http://www.ist-fain.org] project. Initial evaluation shows that strong security in such system is possible and that we have achieved most of our goals. The security architecture itself is general; we have applied it to three types of nodes developed and to one pure active networking approach.

Keywords: Security architecture; Programmable networks; Active networks

Article Outline

1. Introduction
2. System relationships and entities
3. Threats, security requirements and architecture goals
4. Security issues
4.1. Authorization and policy enforcement
4.2. Authentication
4.3. Packet integrity
4.4. System integrity
4.5. Code and service verification
4.6. Controlling resource usage
4.7. Accountability
5. High level security architecture
6. FAIN architectural model and security architecture
7. FAIN node implementation
8. Security architecture design and implementation
8.1. Building components security context
8.2. Enforcement layer, authorization and policy enforcement
8.3. External security representation
8.4. Cryptographic subsystem and secure store
8.5. Connection manager
8.6. Verification manager
8.7. Security manager and security area interfaces
9. General active packet security events
10. Security architecture performance
11. Architecture applicability
12. Evaluation of the security architecture
13. Conclusions and future work
Acknowledgements
References
Vitae




Computer Communications
Volume 28, Issue 6, 15 April 2005, Pages 688-701
On Activated and Programmable Internet: Converging Technologies for Internet-based Active and Programmable Systems
 
Home
Browse
My Settings
Alerts
Help
Elsevier.com (Opens new window)
About ScienceDirect  |  Contact Us  |  Information for Advertisers  |  Terms & Conditions  |  Privacy Policy
Copyright © 2008 Elsevier B.V. All rights reserved. ScienceDirect® is a registered trademark of Elsevier B.V.