Use this URL to cite or link to this record in EThOS: http://ethos.bl.uk/OrderDetails.do?uin=uk.bl.ethos.487657
Title: Trust-based distributed security framework for active networks
Author: Han, Weijun
Awarding Body: University of Loughborough
Current Institution: Loughborough University
Date of Award: 2006
Availability of Full Text:
Access through EThOS:
Abstract:
Active networks are a possible Internet architecture for the future. They provide network users with more flexibility by allowing them to customi~e and control the behaviour of networks dynamically. Internet Friendly Active Network (lFAN) is an active network architecture based on the existing IP architecture. In this thesis a practical implementation of an active network node is presented, named IFAN Virtual Router (IFAN VR). IFAN VR is a software framework built on an IFAN node in IFAN networks, providing researchers, developers and users with an IFAN test-bed. The main modules ofthe IFAN VR and IFAN packet formats are described, and some IFAN protocols are proposed. Some IFAN applications have been implemented to demonstrate the concepts ofthe IFAN architecture and test the IFAN YR. Security is one of the essel~Jial issues in the active network architecture. In this thesis a Trust-based Distributed Security Framework (TDSF) is proposed for active networks, particularly for IFAN. The main goal of TDSF is to prevent the nodes in the active network from being attacked or compromised by malicious active programs from untrusted sources. TDSF is built based on a trust system, utilizing PKI (Public Key Infrastructure), cryptography, authentication and authorisation. One assumption of TDSF is that the active code from a trusted source can be safe to execute on an active node. Some novel models have been proposed for the security framework, such as a thread model, a security model, a trust model and an authorisation model: Particularly, the trust model is described in depth to explain the trust system, which is distributed and scalable in a global range. Moreover, the components and the protocols of TDSF are described. The security modules of TDSF have been implemented and integrated into the IFAN YR. Finally, the performance overhead caused by the security modules is discussed based on some experiments, and the optimising solution is given and discussed. Keywords: Active Network, Security, Trust, IFAN, IFAN VR, TDSF
Supervisor: Not available Sponsor: Not available
Qualification Name: University of Loughborough, 2006 Qualification Level: Doctoral
EThOS ID: uk.bl.ethos.487657  DOI: Not available
Share: