Security and resource policy-based Management architecture for ALAN servers

Abstract

Application Layer Active Networks (ALAN) allow quick and efficient deployment, on the active servers, of user-customised services (proxylets). Programmability above the transport layer makes this approach distinct form other active network initiatives. This scenario raises the issues of efficient resource management on the active server. Moreover, the deployment of user-specified processes has to be highly secure so as not to harm the active server operator platform. The IST project ANDROID is using a flexible generic specification for policies, in XML, allowing a wide range of policies to be expressed and processed in a common framework. This paper presents the security and resource management architecture developed to support the application ofthe ANDROID policy-based principles to manage the ALAN servers. We present the architecture, as well as the sample policy sets. The prototype security and resource management implementation were demonstrated during two real-life trials and the results are presented here. © 2003 by Springer Science+Business Media New York.