Safety and security of programmable network infrastructures

TitleSafety and security of programmable network infrastructures
Publication TypeJournal Articles
Year of Publication1998
AuthorsAlexander S, Arbaugh WA, Keromytis AD, Smith JM
JournalIEEE Communications Magazine
Pagination84 - 92
Date Published1998/10//
ISBN Number0163-6804
KeywordsAccess control, error protection, IP networks, Multicast protocols, network architecture, network operating systems, network service model, operating system, Power system dynamics, Power system modeling, Power system reliability, programmable languages, programmable network infrastructures, programming languages, Proposals, Protection, reliability properties, Safety, Secure Active Network Environment, Security, security of data, service creation, service providers, Switches, telecommunication computing, telecommunication network reliability, Web and internet services

Safety and security are two reliability properties of a system. A “safe” system provides protection against errors of trusted users, while a “secure” system protects against errors introduced by untrusted users. There is considerable overlap between mechanisms to support each property. Requirements for rapid service creation have stimulated the development of programmable network infrastructures, where end users or service providers can customize the properties of a network infrastructure while it continues to operate. A central concern of potential users of such systems is their reliability and, most specifically, their safety and security. In this article we explain the impact the network service model and architecture have on safety and security, and provide a model with which policies can be translated into restrictions of a general system. We illustrate these ideas with the Secure Active Network Environment (SANE) architecture, which provides a means of controlling access to the functions provided by any programmable infrastructure