针对Abone实验平台上实现大规模主动网络的安全问题,集成多种非主动安全组件和传统安全功能,提出了多级分布式密钥法和创建安全关联的策略,扩展KLIPS和警报指示,建立了逐站的包认证和完整性验证的原型框架。通过实验,对LKH方法和EK方法进行分

Abstract This paper focuses on implementing security of large scale Active Networks on the Abone platform. We set up hop-by-hop security prototype framework with packet authentication and integrity by integrating many non-active components and traditional secure functions. We put forward hierarchy-distributed key and security association policy, and extend KLIPS and alarm indications. Finally, we compare LKH with EK using experiments, and conclude that LKH is suitable for the multicast members' revocation.

Key words active networks; hop-by-hop; security; revocation

主动网络中实现逐站安全的原型框架

主动网络中实现逐站安全的原型框架