ROSA: Realistic Open Security Architecture for Active Networks

  • Marcelo Bagnulo
  • Bernardo Alarcos
  • María Calderón
  • Marifeli Sedano
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 2546)


Active network technology enables fast deployment of new network services tailored to the specific needs of end users, among other features. Nevertheless, security is still a main concern when considering the industrial adoption of this technology. In this article we describe an open security architecture for active network platforms that follow the discrete approach. The proposed solution provides all the required security features, and it also grants proper scalability of the overall system, by using a distributed key-generation algorithm. The performance of the proposal is validated with experimental data obtained from a prototype implementation of the solution.


Keywords: Active Network; Validity Period; Active Code; Discrete Approach; Security Solution
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.



Copyright information

© Springer-Verlag Berlin Heidelberg 2002

Authors and Affiliations

  • Marcelo Bagnulo (1)
  • Bernardo Alarcos (2)
  • María Calderón (1)
  • Marifeli Sedano (2)

  1. Departamento de Ingeniería Telemática, Universidad Carlos III de Madrid (MADRID)
  2. Área de Ingeniería Telemática, Universidad de Alcalá (MADRID)
