| A Cluster-Based Secure Active Network Environment |
| |
| 作者姓名: | CHENXiao-lin ZHOUJing-yang DAIHan LUSang-lu CHENGui-hai |
| |
| 作者单位: | [1]DepartmentofComputerScience,ChuxiongNormalUnivcrsity,Chuxiong675000,Yunnan,China [2]StateKeyLaboratoryofNovelSoftwareTechnology,NanjingUniversity,Nanjing210093,JiangsuChina |
| |
| 基金项目: | SupportedbytheNationalNaturalScienceFoundationofChina(60363001),theNationalHighTechnologyDevelopment863ProgramofChina(2001AA113050)andtheNationalGrandFundamentalResearch973ProgramofChina(2002CB312002) |
| |
| 摘 要: | We introduce a cluster-based secure active network environment ((.‘SANE) which separates the processing of IP packets from that of active packets in active routers. In this environment, the active code authorized or trusted by privileged users is executed in the secure execution environment (EE) of the activc router, while others are executed in the sccure EE of the nodes in the distributed shared memory (DSM) cluster. With the supports of a multi-process Java virtual machine and KcyNotc, untrusted active packets are controllcd to securely consume rcsource. The DSM consistency management makes that active packets can be parallelly proccssed in the DSM cluster as if they were processed one by one in ANTS (Active Network Transport System). We demonstrate that CSANE has good security and scalability, but imposing little changes on traditional routcrs.
|
| 关 键 词: | 有源网络 分布式共用存储器 计算机网络 网络安全 |
| 收稿时间: | 15 May 2004 |
A cluster-based secure active network environment |
| |
| CHENXiao-lin ZHOUJing-yang DAIHan LUSang-lu CHENGui-hai.A Cluster-Based Secure Active Network Environment[J].Wuhan University Journal of Natural Sciences,2005,10(1):142-146. |
| |
| Authors: | Chen Xiao-lin Zhou Jing-yang Dai Han Lu Sang-lu Chen Gui-hai |
| |
| Institution: | (1) Department of Computer Science, Chuxiong Normal University, 675000 Chuxiong Yunnan, China;(2) State Key Laboratory of Novel Software Technology, Nanjing University, 210093 Nanjing Jiangsu, China |
| |
| Abstract: | We introduce a cluster-based secure active network environment (CSANE) which separates the processing of IP packets from that of active packets in active routers. In this environment, the active code authorized or trusted by privileged users is executed in the secure execution environment (EE) of the active router, while others are executed in the secure EE of the nodes in the distributed shared memory (DSM) cluster. With the supports of a multi-process Java virtual machine and KeyNote, untrusted active packets are controlled to securely consume resource. The DSM consistency management makes that active packets can be parallelly processed in the DSM cluster as if they were processed one by one in ANTS (Active Network Transport System). We demonstrate that CSANE has good security and scalability, but imposing little changes on traditional routers. |
| |
| Keywords: | active networks security DSM |
| 本文献已被 CNKI 维普 万方数据 SpringerLink 等数据库收录! |
