主动应用的安全交互机制研究

针对节点内主动网络应用之间交互带来的安全性问题，设计了一种主动网节点内主动应用安全交互机制(JASIAC)．该机制通过Java 2环境下自定义的类加载器实现不同应用之间完全隔离．设计了公开变量池来实现共享内存方式的简单通讯，设计了公开方法池来实现不同应用之间的灵活调用．这两种方法都通过统一管理以防止非授权实体对其进行攻击．利用该机制，可以抵抗非授权访问和身份欺骗．通过对变量和方法访问次数的限制，可部分解决直接拒绝服务攻击的问题，JASIAC利用按值传递参数和只读参数的方法解决面向对象系统中通过引用传递参数造成的完整性破坏，JASIAC原型系统还提供了一组应用程序接口供主动应用调用。

Study on Secure Communication Mechanism of Active Applications in Active Networks

Aiming at the secure problem caused by inner active applications communication in active networks, a mechanism called Java-based active-network secure inter active application communication was proposed to achieve secure communication between inner active applications. By defining the class loader under Java 2 the complete isolation between active applications can be realized. A pool called public memory pool was designed to achieve shared memory communication between active applications. For more complicated communication, another pool called public method pool was designed to achieve flexible invocations. By these two ways, the mechanism can protect active applications from un-authorization access and masquerading. Through setting max access count to each application the mechanism can somewhat resist direct denial of service attacks. The method of transferring parameters by value and read only parameters is utilized to prevent the breach of integrity for object oriented programming. A set of application programming interface for active applications achieving secure communications between them is also provided by the prototype system.