Journal of the Institute of Electronics Engineers of Korea CI (전자공학회논문지CI)

The Institute of Electronics and Information Engineers (대한전자공학회)
권호 표지

Study on a Secure Active network Architecture

안전한 액티브 네트워크 구조에 관한 연구

  • Hong, Sung-Sik (Dept of Computer Science & Engineering, Kwang-woon University) ;
  • Han, In-Sung (Dept of Computer Science & Engineering, Kwang-woon University) ;
  • Ryou, Hwang-Bin (Dept of Computer Science & Engineering, Kwang-woon University)
  • 홍성식 (광운대학교 컴퓨터소프트웨어학과) ;
  • 한인성 (광운대학교 컴퓨터소프트웨어학과) ;
  • 유황빈 (광운대학교 컴퓨터소프트웨어학과)
  • Published : 2005.07.01
Download PDF
⟨ Previous Next ⟩

Abstract

The existing passive networks have the only data-storing and transmission functions. On the other hand, the active network which can do operation jobs on the transmitting packets was introduced at 1990's. However, the advantages of activating processing are obviously more complex than traditional networks and raise considerable security issues. In this paper, we propose the safer structure in Active Networks that is based on the discrete approach which resolves the weak point of the Active Network. The proposed system provides the node management and user management in the Active Networks, and improves the security of Packet transmission with packet cryptography and the session.

기존의 수동적인 네트워크는 단순히 데이터의 저장과 전송기능만을 가지고 있다. 이와 달리 액티브 네트워크는 네트워크 전송로상에서 전달중인 패킷에 대한 연산작업이 가능한 네트워크 패러다임이 1990년대 소개되었다. 하지만, 이와 같은 네트워크 패킷에 대한 능동적인 처리가 가능하다는 특징은 보안에 관한 측면에서는 보다 많은 보안상의 위협가능성을 고려해야만 한다. 본 논문에서는 이와 같이 능동적인 처리가 가능한 액티브 네트워크 환경의 취약점을 보안하고자 패킷 분리 방식을 이용한 안전한 액티브 네트워크 구조를 제안한다. 제안하고자 하는 시스템은 액티브 노드의 관리와 서비스의 이용자에 대한 관리가 가능한 모델로 설계하며, 패킷의 암호화와 세션을 이용한 패킷 전송을 통해 보안성을 향상시키고자 한다.

Keywords

References

  1. K. Calvert, et.al., 'Direction in Active Networks', IEEE Comm. Mag., Oct. 1998
  2. Danny Raz and Yuval Shavitt, 'An Active Network Approach to Efficient Network Management', WAN' 99, 1999
  3. A. B. Kulkarni,' Implementation of a Prototype Active Network.', In OPENARCH '98, 1998 https://doi.org/10.1109/OPNARC.1998.662049
  4. AN Security Working Group, 'security Architecture for Active Nets', Nov, 2001
  5. Konstantinos Psounis, 'Active Networks: Applications, Security, Safety and Architectures', IEEE Communications Surveys, First Quarter 1999
  6. R. H. Campbell, et al., 'Seraphim: Dynamic Interoperable Security Architecture for Active Networks', IEEE OPENARCH 2000, Tel-Aviv, Israel, Mar. 2000
  7. D. Tennenhouse and D. Wetherall, 'Towards an Active Network Architecture,' Computer Communication Review 26(2), April 1996 https://doi.org/10.1145/231699.231701
  8. D. Tennenhouse et al, 'A Survey of Active Network Research,' IEEE Communications Magazine, January 1997 https://doi.org/10.1109/35.568214
  9. D. Wetherall and U. Legedza and J. Guttag, 'Introducing new internet services: Why and how', IEEE Network Magazine, 1998 https://doi.org/10.1109/65.690955
  10. D. J. Wetherall, 'Service Introduction in an Active Network', Ph.D. Thesis Submitted to the Department of Electrical Engineering and Computer Science, M.I.T., Feb. 1999