• DocumentCode
    3044554
  • Title

    An access control architecture for programmable routers

  • Author

    Gao, Jun ; Steenkiste, Peter

  • Author_Institution
    Dept. of Electr. & Comput. Eng., Carnegie Mellon Univ., Pittsburgh, PA, USA
  • fYear
    2001
  • fDate
    2001
  • Firstpage
    15
  • Lastpage
    24
  • Abstract
    Programmable networks allow the router's functionality to be extended dynamically through the use of active extensions. This flexible architecture facilitates the deployment of new network protocols and services. However, the programmable nature of a network also raises serious safety and security concerns. These concerns must be addressed before programmable networks can be deployed. One particular security question is how we can limit what resources and data active extensions can access on the router. While existing operating systems address this question for end-points and servers, routers have been designed to perform a different task, namely forwarding packets, and the existing OS solutions turn out to be inadequate for routers. We look at how we can restrict active extensions' access to link bandwidth and data traffic. Our solution is based on access control lists that are used to check all active extensions' operations that may affect the use of link bandwidth, or may involve access to user traffic. We implemented these mechanisms in Darwin, an example of a programmable network
  • Keywords
    authorisation; computer networks; network operating systems; telecommunication network routing; telecommunication security; Darwin; access control architecture; active extensions; data security; data traffic; link bandwidth; network operating systems; network protocols; packet forwarding; programmable networks; programmable routers; safety; Access control; Bandwidth; Communication system traffic control; Computer architecture; Control systems; Data security; Open source software; Operating systems; Quality of service; Safety;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Open Architectures and Network Programming Proceedings, 2001 IEEE
  • Conference_Location
    Anchorage, AK
  • Print_ISBN
    0-7803-7064-3
  • Type

    conf

  • DOI
    10.1109/OPNARC.2001.916835
  • Filename
    916835