Abstract
This paper presents the details of the policy-based security and resource management architecture for Application Level Active Network (alan) servers.alan is an active network architecture which enables deployment of user-customised processes (proxylets), which enhance the existing services or introduce new services to the end-user, on the select group of servers in anip network. The issues of security and resource management in this scenario are of crucial importance so as to efficiently facilitate and control the resource consumption of user-specified processes on the active servers, as well as to protect the server platforms from unauthorised proxylet deployment or malevolent behaviour. The architecture allowing efficient resource and security control is presented in this paper, including detaileduml diagrams capturing the management functionality, as well as a set of concrete management policies for thealan scenario. The examplexml policies are also given, and the deployment of this architecture in real-life trials is described. This development forms a part of a larger management architecture foralan-enabled networks developed in the context of theist projectandroid (Active Network DistRibuted Open Infrastructure Development).
Résumé
Cet article présente une architecture de gestion des ressources et de la sécurité à base de règles destinée à des serveurs d’application dans des réseaux actifs (alan: Application level active network). Cette architecture permet de déployer des processus personnalisés (proxylets) qui améliorent les services existants ou introduisent de nouveaux services au niveau de l’utilisateur, pour un groupe de serveurs situés dans un réseauip. La gestion de ressources et la sécurité sont cruciales pour la maîtrise de la consommation de ressources introduite par ces applications personnalisées et pour la protection des plateformes sur lesquelles on ne doit pas pouvoir déployer des proxylets non autorisées ou malveillantes. Cet article présente une architecture permettant cette maîtrise des ressources et un bon contrôle de la sécurité. La présentation est faite à la fois sur un plan conceptuel en utilisant des schémas en langage unifié de modélisationuml et sur un plan pratique à l’aide d’études de cas. Ce développement fait partie du projet européenandroid (Active Network DistRibuted Open Infrastructure Development).
Similar content being viewed by others
References
Damianou (N.),Dulay (N.),Lupu (E.),Sloman (M.), “The Ponder Policy Specification Language”, Policies for Distributed Systems and Networks, 2001, Page(s) 18–38.
Fry (M.),Ghosh (A.), “Application Level Active Networking”,Computer Networks,31 (7) (1999) pp. 655–667.
FunnelWeb http://dmir.it.uts.edu.au/projects/alan/
Liabotis (I.),Prnjat (O.),Sacks (L.), “Policy-Based Resource Management for Application Level Active Networks”,SecondieeeLatin American Network Operations and Management Symposiumlanoms2001; August 2001.
Marshall (I. W.),Cowan (J.),Crowcroft (J.),Fry (M.),Ghosh (A.),Hutchison (D.),Parish (D.),Phillips (I.),Pryce (N.),Sloman (M.),Waddington (D.), “Application-level Programmable Network Environment”,btTechnology Journal,17, No. 2, April 1999.
Marshall (I. W.),Fry (M.),Velasco (L.),Ghosh (A.), “Active Information Networks andxml”, in “Active Networks” ed. S. Covaci,lncs 1653 pp. 60–72,Springer-Verlag, 1999.
Marshall (I. W.),Gharib (H.),Hardwicke (J.),Roadknight (C.), “A novel architecture for active service management”, Integrated Network Management Proceedings,2001ieee/ifipInternational Symposium on, 2001, Page(s): 795–810
Natarajan (R.),Mckee (P.),Mathur (A. P.), “Axml Based Policy-Driven Information Service”,ieee/ifip International Symposium on Integrated Network Management (im’2001), Seattle, May 2001.
Olukemi (T.),Liabotis (I.),Prnjat (O.),Sacks (L.), “Security and Resource Policy-based Management Architecture foralan Servers”,Net-Con’2002 —ifipandieeeConference on Network Control and Engineering for QoS, Security and Mobility, 2002.
Prnjat (O.),Olukemi (T.),Liabotis (I.),Sacks (L.), “Integrity and Security of the Application Level Active Networks”;ifipWorkshop onipandatmTraffic Managementwatm’2001 andeunice’2001; Sept. 2001.
Prnjat (O.),Liabotis (I.),Olukemi (T.),Sacks (L.),Fisher (M.),Mckee (P.),Carlberg (K.),Martinez (G.) “Policy-based Management foralan-Enabled Networks”;ieee3rd International Workshop on Policies for Distributed Systems and Networks — Policy 2002, June 2002.
Sacks (L.),Prnjat (O.),Liabotis (I.),Olukemi (T.),Ching (A.),Fisher (M.),Mckee (P.),Georgalas (N.),Yoshii (H.), “Active Robust Resource Management in Cluster Computing Using Policies”, to appear inthe Journal of Network and Systems Management, Special Issue on Policy Based Management of Networks and Services.
Sloman (M.), “Policy Driven Management for Distributed Systems”,Journal of Network and Systems Management, 1994.
Sloman (M.),Lupu (E.), “Security and management policy specification”,ieeeNetwork,16, Issue: 2, March–April 2002, Page(s): 10–19.
W3C, “xml Schema Part 0; Primer — W3C Recommendation, 2 May 2001”, [www] http://www.w3.org/TR/xmlschema-0.
W3C, “xml Schema Part 2: Datatypes — W3C Recommendation, 2 May 2001”, [www] http://www.w3.org/TR/xmlschema-2.
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Liabotis, I., Olukemi, T., Prnjat, O. et al. Application level active network (alan) server management architecture. Ann. Télécommun. 59, 108–129 (2004). https://doi.org/10.1007/BF03179677
Received:
Accepted:
Issue Date:
DOI: https://doi.org/10.1007/BF03179677
Key words
- Networking
- Active telecommunication network
- Network architecture
- Resource management
- Telecommunication service management
- Computer security
- Internet
- Computer application