Performance Implications of Securing Active Networks
University of Pennsylvania Philadelphia United States
Pagination or Media Count:
Security is an obvious risk to active networking, as increased flexibility creates numerous opportunities for mischief. The point at which this flexibility is exposed, e.g., through the loading of code into network elements, must therefore be carefully crafted to ensure security. The Secure Active Network Environment SANE architecture provides a secure bootstrap process resulting in a module loader packet execution environment. As a set of nodes bootstrap, they exchange certificates to permit secure module exchange. This paper demonstrates that SANE, while exhibiting performance degradation relative to unsecured operation, is able to perform acceptably. We include measurements comparing the loading of an active ping on a secure versus an insecure infrastructure.