Skip to Main Content
The flexibility and power achieved by using active networks come with their own risks - any fault in the active code or the security infrastructure now represents a fault in the network as a whole. Secure containment of active code is necessary in order to ameliorate this risk. This paper describes innovative approaches for recovering from faults in the active code as well as faults in the security infrastructure of an active network. Diverse authentication techniques that provide fail-over when some component of the security infrastructure is unavailable, and compensatory authentication techniques, both prophylactic and treatment-based, are discussed. The paper concludes by outlining an active code revocation architecture that facilitates secure containment of faulty active code within the active network.