Abstract
Programmable networks aim at the fast and flexible creation of services within a network. Often cited examples are audio and video transcoding, application layer multicast, or mobility and resilience support. In order to become commercially viable, programmable networks must provide authentication, authorization and accounting functionality. The mechanisms used to achieve these functionalities must be secure, reliable, and scalable, to be used in production scale programmable networks. Additionally programmable nodes must resist various kinds of attacks, such as denial of service or replay attacks. Fraudulent use by individual users must also be prohibited.
This paper describes the design and implementation of a secure, reliable, and scalable signaling mechanism clients can use to initiate service startup and to manage services running on the nodes of a programmable network. This mechanism is designed for production scale networks with AAA-functionality.
Chapter PDF
Similar content being viewed by others
References
Bagnulo, M., Alarcos, B., Calderón, M., Sedano, M.: ROSA: Realistic Open Security Architecture for active networks. In: Sterbenz, J.P.G., Takada, O., Tschudin, C.F., Plattner, B. (eds.) IWAN 2002. LNCS, vol. 2546, Springer, Heidelberg (2002)
Calvert, K.L., Bhattacharjee, S., Zegura, E., Sterbenz, J.: Directions in active networks. IEEE Communications Magazine 36(10), 72–78 (1998)
Campbell, A.T., De Meer, H.G., Kounavis, M.E., Miki, K., Vicente, J.B., Villela, D.: A survey of programmable networks. ACM SIGCOMM Computer Communication Review 29(2) (1999)
Conrad, M., Schöller, M., Fuhrmann, T., Bocksch, G., Zitterbart, M.: Multiple language family support for programmable network systems. In: Wakamiya, N., Solarski, M., Sterbenz, J.P.G. (eds.) IWAN 2003. LNCS, vol. 2982, Springer, Heidelberg (2004)
Daswani, N., Boneh, D.: Experimenting with Electronic Commerce on the PalmPilot. In: Franklin, M.K. (ed.) FC 1999. LNCS, vol. 1648, pp. 1–16. Springer, Heidelberg (1999)
Dierks, T., Allen, C.: The TLS protocol version 1.0. RFC 2246, Internet Engineering Task Force (January 1999)
Freed, N., Kille, S.E.: Network services monitoring MIB. RFC 2248, Internet Engineering Task Force (January 1998)
Fuhrmann, T., Schöller, M., Schmidt, C., Zitterbart, M.: A Node Evaluation Mechanism for Service Setup in AMnet. In: Proceedings of the 13th ITG/GI-Fachtagung Kommunikation in Verteilten Systemen (KiVS’2003), Kurzbeiträge, Praxisberichte und Workshop (2003)
Harkins, D., Carrel, D.: The Internet key exchange (IKE). RFC 2409, Internet Engineering Task Force (November 1998)
Kohl, J., Neuman, C.: The kerberos network authentication service (V5). RFC 1510, Internet Engineering Task Force (September 1993)
Myers, M., Ankney, R., Malpani, A., Galperin, S., Adams, C.J.: X.509 Internet public key infrastructure online certificate status protocol - OCSP. RFC 2560, Internet Engineering Task Force (June 1999)
Schulzrinne, H.: GIMPS: General Internet Messaging Protocol for Signaling (June 2003)
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 2007 Springer Berlin Heidelberg
About this paper
Cite this paper
Conrad, M., Fuhrmann, T., Schöller, M., Zitterbart, a.M. (2007). Secure Service Signaling and Fast Authorization in Programmable Networks. In: Minden, G.J., Calvert, K.L., Solarski, M., Yamamoto, M. (eds) Active Networks. IWAN 2004. Lecture Notes in Computer Science, vol 3912. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-71500-9_5
Download citation
DOI: https://doi.org/10.1007/978-3-540-71500-9_5
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-71499-6
Online ISBN: 978-3-540-71500-9
eBook Packages: Computer ScienceComputer Science (R0)