Abstract : The Ethane architecture, developed at Stanford University, demonstrated that a novel approach to building secure networks could support superior low-level security and flexible policy-based control over individual flows. However, Ethane only provided operators with a single function: policy-based access control. Moreover, Ethane's policy was expressed in a language that did not have a rigorous logical foundation. Almost a year of subsequent work, reported on here, extended Ethane to address these two shortcomings. First, the Ethane architecture was evolved from Ethane's narrowly targeted design to a fully general network operating system called NOX, which provides users with full-blown programmatic interface. Second, the policy language has evolved from the Ethane's primitive pol-eth to a much more powerful and rigorously analyzed Flow-Based Security Language (FSL). This report describes these two advances.
Tom Anderson, Ken Birman, Robert Broberg, Matthew Caesar, Douglas E. Comer, Chase Cotton, Michael J. Freedman, Andreas Haeberlen, Zachary G. Ives, Arvind Krishnamurthy, William Lehr, Boon Thau Loo, David Mazières, Antonio Nicolosi, Jonathan M. Smith, Ion Stoica, Robbert van Renesse, Michael Walfish, Hakim Weatherspoon, Christopher S. Yoo
Tom Anderson, Ken Birman, Robert Broberg, Matthew Caesar, Douglas E. Comer, Chase Cotton, Michael J. Freedman, Andreas Haeberlen, Zachary G. Ives, Arvind Krishnamurthy, William Lehr, Boon Thau Loo, David Mazières, Antonio Nicolosi, Jonathan Smith, Ion Stoica, Robbert van Renesse, Michael Walfish, Hakim Weatherspoon, Christopher S. Yoo
Darya Ausiannikava, L. M. Mitchell, Hannah Marriott, Victoria Smith, Michelle Hawkins, Kira S. Makarova, Eugene V Koonin, Conrad A. Nieduszynski, Thorsten Allers
.webp){kind=small}
Discussion(0)
No comments yet. Be the first to comment.