Tuesday, October 28, 2008

Active network vision and reality

Active networks allow users to inject code into the nodes in the network. This aids in building a range of customized applications and generally seems a nice idea. Applications can have control over their routing, QoS etc. I would have liked the paper to provide a better sense of the things active networks promised (in terms of concrete applications). The security (or lack of it) aspect jumps at your face – external (and untrusted) code running in your machine seems a bad idea! While there has been a ton of work done that tries to address it, I think this is a fundamental flaw why active networks didn’t see the light of the day.

This paper is based on observations and feedback from the ANTS system. The system uses capsule-based forwarding. Capsules contain code that can either be actually present in the packet or referenced locally (taking advantage of caching). Accessibility is an important goal where code from untrusted users should not do any harm to users of other services. The authors discuss techniques to guard against malicious code but also do some hand-waving by saying that this is analogous to malicious users in the Internet monopolizing bandwidth. It sort of seems to be saying, “There are bad guys anywhere you go…that doesn’t mean dealing with them is the highest priority”. Not the most convincing given that the proposal is to run arbitrary code in other machines.

For the most part, I tried not to cloud my reading with my skepticism for active networks. Were there any useful concepts that came out of active networks that people use in other areas? For example, did network management and upgrades become easier and elegant with active networks? That would be a good discussion to have in class – While active networks as a whole did not make much progress, what concepts of it became useful.

I didn’t like this paper but I would vote for keeping it on the reading list for that specific reason. People should have the chance to read it and make their call.

No comments: