Universiti Teknologi Malaysia Institutional Repository

Integrating security services into active network

Mandala, Satria (2005) Integrating security services into active network. Masters thesis, Universiti Teknologi Malaysia, Faculty of Computer Science and Information System.

[img] PDF (Full text)
Restricted to Repository staff only

1909Kb
[img] PDF
17Kb
[img] PDF
29Kb
[img] PDF
70Kb

Abstract

Active network is a new approach to network architecture in which allows node do computation against active packets within the network, for instance, Active Network Transport System (ANTS) from University of UTAH. The ANTS is easily adaptable to new services that are injected into the network. However, the ANTS apply no node policy enforcement to the local node’s users and the network packets. As results, the nodes become susceptible from several network attacks such as address spoofing, Distributed Denial of Service – (DDOS), SYN-Flooding, and virus attack. To overcome these problems, a new layer that supports security modules is introduced into the ANTS’s node operating system and a minor modification to the operating system is made. The modified ANTS, “Secure JANOS ANTS� (SJANTS), has shown to be more secure than the conventional ANTS while still maintaining the flexibility of the ANTS. The advantages of the SJANTS are as the followings: It can be modified on the fly in the node policy enforcement, it can be conformed to many database vendors, it has independent platform, and it has top-down approach of enforcement to the network packets and the users. In addition, SJANTS security model that based on the Role Base Access Control (RBAC) supports authentication process by using MD5, RIPEMD320, and SHA-512 hash functions, and relies on Java Authentication and Authorization Service (JAAS). Testing was performed to investigate the response time of authentication using these hash functions. The results demonstrated that the authentication based on RIPEMD320 was faster than MD5 and SHA-512., and SHA-512 is more secure than the others.

Item Type:Thesis (Masters)
Additional Information:Thesis (Master of Science (Computer Science)) - Universiti Teknologi Malaysia, 2005; Supervisor : Prof. Dr. Abdul Hanan Abdullah
Uncontrolled Keywords:Active network; security services; secure active network; network transport system
Subjects:Q Science > QA Mathematics > QA75 Electronic computers. Computer science
Divisions:Computer Science and Information System (Formerly known)
ID Code:3994
Deposited By: Ms Zalinda Shuratman
Deposited On:25 Jul 2007 01:14
Last Modified:25 Jul 2012 07:43

Repository Staff Only: item control page