| The conception of active network was proposed in 1996, and now lots of experts are developing it. The thesis mainly researches on the active network security architecture model and other related work. First, we analyze the active network architecture and construct the security threat model for active network. We present a kind of active network security architecture model according to threat model and security requirement of active network; Next we analyze the Bob's solution for Hop-Hop security and present a novel solution for Hop-Hop integrity and authentication protocol based on the notion of active network autonomous area; Then, we present an access control policy called family tree policy. The family tree policy can correctly represent active network that cannot be correctly modeled by BLP and Chinese wall model; Since it is difficult to research the information flow security properties of active network by using traditional information flow model, We present a novel method to research the information flow properties of active network based on the conception of inheriting class.The innovative works in this thesis mainly include the several aspects:1) The security of active network includes Hop-Hop security and End-End security, for End-End security, we present a secure system architecture model based on threat model and security requirements. In the security architecture model, we present a kind of security service negotiation protocol to solve security service negotiation between the active sender and receiver in the active network.2) We analyze the Bob's Hop-Hop security solving methods and find some flaws in his solution. To make up these flaws, we present a novel solution for active network Hop-Hop security. We partition the active network into different autonomy area and each area is designated a server. The key, integrity and encrypt algorithm between the active nodes are negotiated through the autonomy area server.3) Access control is the process of mediating every request to resource and data maintained by an active node system and determining whether the request should be granted or denied. In this paper we present an access control policy called family tree policy. The family tree policy can correctly represent active network that cannot be correctly modeled by BLP and Chinese wall model. In the family tree policy, the subjects and objects of the system are classified as different inheriting classes. A Subject cannot access the object of the different inheriting class. In the same inheriting class, the subject and object abide by the BLP model.4) Since it is difficult to research the information flow security properties of active network by using traditional information flow model, We present a novel method to research the information flow security and the method is based on the conception of inheriting class. We consider research for the security properties of information flow of active network as properties of the inheriting class inner flow and flow among different inheriting classes.
|
PDF Full Text Request