| Traditional network exists long period of standardization and pool compatibility problems. New applications and technologies often keep ahead of the emergence of new services. It severely constrains the rapid expansion of new services. Therefore, It was made to the concept of active network. Active network allow users to add customized services code, programming on the network infrastructure. Thus it brings flexibility and expansionary. It adapted to the needs of rapid deployment of new services and applications. But active packets carrying active codes, to some extent, they can allocate or change the resources. All these can make the networks be attacked and affected by the malicious, flawed or impact code. Thus it can bring greater potential security threats to the active network. This dissertation is based on the analysis of potential security threats, and uses the identity authentication, authority inspection and other relevant technologies to ensure the security of the active network. How to achieve certification operation on the lack of authentication mechanisms in the existing active network system is the main topic of this dissertation.SENCOMM as a network control, monitoring and management platform on active network, it is lack of the safety considerations (Safety management, information security transmission) on the beginning of design stage. This dissertation is based on the analysis of common architecture of active network and the security problems of SENCOMM, and discusses its hidden dangers, needs and trusts model. On these bases, this dissertation provides a network security model based on certification, for strengthening the security of the active network. In this model, each user or active node playe a role, and each role has its name and level (for operating restrictions, such as resources visit). In the network data transmission, it's need for identity authentication and authority inspection. This model has been designed and realized in the SENCOMM platform. |
PDF Full Text Request