Information Technology Reference
In-Depth Information
infrastructure.”
The Exokernel is a good foundation upon which
to build AMP because the Exokernel offers AMP
security, flexibility, and extensibility. Because
the Exokernel's security mechanism “dovetails”
nicely with the needs ofAMP, Dandekar and others
have stated AMPs “development time is reduced,
modularity is enhanced, and security requirements
can be addressed in a straightforward manner”
(Dandekar, Purtell, & Schwab, 2002).
Flexibility with the Exokernel is reflected in
its lack of abstractions. As Dandekar and others
state, “an exokernel provides a minimal set of
abstractions above the raw hardware. Only those
mechanisms required in order to control access
to physical resources and kernel abstractions are
provided” (Dandekar, Purtell, & Schwab, 2002).
As hardware gets abstracted by the operating
system, the use of that hardware becomes less
flexible. AMP's “NodeOS” provides a set of in-
terfaces through which the code within an active
network can request services of the underlying
operating system. Abstracted by these interfaces
are services such as networking channels, thread
pools, memory pools, and domains. As Dandekar
and others explain, “these abstractions provide the
active application of platform-independent means
for accessing a common set of resources which
will be available across all of the heterogeneous
network” (Dandekar, Purtell, & Schwab, 2002).
It is precisely because the underlying Exokernel
provides a minimal set of abstractions that the
AMP NodeOS can utilize this functionality so
easily.
Lastly, the Exokernel was designed to be
extensible. The library operating system of the
Exokernel matches up nicely with the libraries
found inAMP (libAMP).An application likeAMP
can only be as extensible as the operating system
that supports it. Thus, the superior extensibility
of the Exokernel makes possible the superior
flexibility of AMP.
In conclusion of our look at active networking,
we see that the three “problems with networks”
that were identified by DARPA are addressed by
2.
“Poor performance due to redundant opera-
tions at several protocol layers.”
3.
“Difficulty accommodating new services in
the existing architectural model.”
(Tennenhouse, & Wetherall, 1996).
Tennenhouse and others state, in contrast to
a passive network, an active network contains
nodes that “can perform computations on, and
modify, the packet contents.” Furthermore, “this
processing can be customized on a per user or per
application basis” (Tennenhouse, & Wetherall,
1996). David Wetherall states well the benefit of
active networks when he states that active networks
“enable a range of new applications that leverage
computation within the network; and it would
accelerate the pace of innovation by decoupling
services from the underlying infrastructure”
(Wetherall, 1999).
A good example of an active network is pro-
vided by Parveen Patel. Patel states that active
packets may encrypt themselves before entering
an un-trusted portion of a network. The code to
conduct the actual encryption could be carried by
the active packets themselves, or the code could
be resident on the node and simply be executed
by the packets when they arrive. In either case,
the data packets are
active
within the network,
encrypting and decrypting themselves as neces-
sary when passing through un-trusted sections of
a network (Patel, 2002).
Hrishikesh Dandekar and others at NAI
Labs (Network Associates, Inc. of Los Angeles,
California) provide the link in our discussion that
joins Active Networks and the Exokernel Operat-
ing System. Their research is named AMP. They
state AMP is “a secure platform upon which the
mobile code [of an active network] can be safely
executed” (Dandekar, Purtell, & Schwab, 2002).
The interesting part is that “AMP is layered on
top of the MIT ExoPC (Exokernel) operating
System's Xok kernel” (Dandekar, Purtell, &
Schwab, 2002).
Search WWH ::
Custom Search