Computing Reviews
Reasoning about secrecy for active networks
Kakkar P., Gunter C., Abadi M. Journal of Computer Security 11(2): 245-287, 2003. Type: Article
Date Reviewed: Oct 20 2003

In an internetwork context, an active network is one where chunks of mobile code, carried in packets, can be executed at routers, as well as at hosts. This can cause security-relevant changes in services, and in resources like routing tables. Against others security (AO-security) distinguishes between controlled (honest) and uncontrolled (possibly malicious) routers, networks, and hosts. To state and analyze AO-security concerns formally, this paper introduces a primitive language, uPLAN, based on the packet language for active networks (PLAN).

uPLAN’s semantics are expressed using a version of Landin’s stack, environment, code, dump (SECD) abstract machine, and using a nondeterministic “chemical abstract machine” execution model, specified with multiset rewrite rules. Some security issues are stated and proved, mostly concerning the ability of uncontrolled routers to affect the routing tables of controlled routers indirectly, and thereby cause confidential but unencrypted data to be routed into uncontrolled parts of the internetwork, where it can be observed by intruders. Distance vector routing and the more advanced labeled routing protocols are examined.

Reviewer:  Jon Millen Review #: CR128402 (0402-0180)
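
The indirect effect on routing tables described in the review can be seen in a toy distance-vector model. This is an added example, not code from the paper or the review, and it does not use uPLAN; the topology, router names, costs and function names are constructed assumptions.

```python
# Constructed topology: A, B, C, D are controlled routers; X is uncontrolled.
LINKS = {("A", "B"): 1, ("A", "C"): 1, ("C", "D"): 2, ("B", "X"): 1}
CONTROLLED = {"A", "B", "C", "D"}
INF = float("inf")

def adjacency(links):
    adj = {}
    for (u, v), cost in links.items():
        adj.setdefault(u, {})[v] = cost
        adj.setdefault(v, {})[u] = cost
    return adj

def distance_vector(links, dest, forged=None, rounds=16):
    """Synchronous distance-vector exchange toward dest.
    forged maps a router to the cost it advertises instead of its real one.
    Returns {router: (cost, next_hop)}."""
    forged = forged or {}
    adj = adjacency(links)
    table = {r: (INF, None) for r in adj}
    table[dest] = (0, dest)
    for _ in range(rounds):
        adverts = {r: forged.get(r, table[r][0]) for r in adj}
        new = {dest: (0, dest)}
        for r in adj:
            if r == dest:
                continue
            cost, hop = min((adverts[n] + c, n) for n, c in adj[r].items())
            new[r] = (cost, hop) if cost < INF else (INF, None)
        table = new
    return table

def forwarding_path(table, src, dest, controlled):
    """Follow next hops from src; stop at dest, a loop, or the first uncontrolled router."""
    path = [src]
    while path[-1] != dest:
        hop = table[path[-1]][1]
        if hop is None or hop in path:
            break
        path.append(hop)
        if hop not in controlled:
            break
    return path

def leaves_controlled_region(path, controlled):
    """Secrecy check: does unencrypted traffic on this path reach an uncontrolled router?"""
    return any(r not in controlled for r in path)

honest = distance_vector(LINKS, "D")
attacked = distance_vector(LINKS, "D", forged={"X": 0})
```

Router A is not adjacent to X, yet its next hop toward D changes because its controlled neighbor B relays a cost derived from X's advertisement; the path check then flags the route as leaving the controlled region.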
Security and Protection (C.2.0 ... )
Distributed Applications (C.2.4 ... )
Information Flow Controls (D.4.6 ... )
Distributed Systems (C.2.4 )
Security and Protection (D.4.6 )
Semantics Of Programming Languages (F.3.2 )
Other reviews under "Security and Protection": Date
Introduction to data security and controls (2nd ed.)
Edward R. I., QED Information Sciences, Inc., Wellesley, MA, 1991. Type: Book (9780894353864)
Aug 1 1992
Security for computer networks: an introduction to data security in teleprocessing and electronic funds transfer
Davies D., Price W., John Wiley & Sons, Inc., New York, NY, 1984. Type: Book (9780471900634)
Oct 1 1985
The development and proof of a formal specification for a multilevel secure system
Glasgow J., Macewen G. ACM Transactions on Computer Systems 5(2): 151-184, 1987. Type: Article
Oct 1 1987
Reproduction in whole or in part without permission is prohibited.   Copyright 1999-2024 ThinkLoud®