Wednesday, October 29, 2008

Active Networks

This paper basically proposes allowing user extensions to internet routing. It claims a variety of other applications, but this is the only one that I don't think is currently possible. It comes with two basic ideas: signed code, and capsules.

The code is signed by some authority that guarantees that it uses the API provided, as well as that it uses the internet in some reasonable manner. It is distributed to nodes throughout the internet using soft state, and has a cryptographically secure hash associated with the code itself. Note that the hash makes it difficult to spoof code.

The signed code then operates on "capsules", which are essentially packets with the additional ANTS header information. The additional header also has the hash of the code that is supposed to be processing it. This feature acts as both naming and security. It allows a wide variety of different services to be deployed across the internet.
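To make the naming-and-security point concrete, here is a small sketch I have added (it is not code from the paper or from ANTS): a node caches code under its hash as soft state, rejects code that does not hash to the name it is offered under, and dispatches capsules on the hash at the front of the header. SHA-256, the 30-second lifetime, refresh-on-use and the `Node`/`offer_code`/`handle_capsule` names are all assumptions, and the authority's signature check is left out.

```python
import hashlib
import time

HASH_LEN = 32  # SHA-256 digest size; the choice of hash is an assumption


def code_id(code: bytes) -> bytes:
    """Name a piece of code by the hash of its bytes."""
    return hashlib.sha256(code).digest()


class Node:
    """Hypothetical active node with a soft-state code cache."""

    def __init__(self, ttl=30.0, clock=time.monotonic):
        self.ttl = ttl          # assumed soft-state lifetime in seconds
        self.clock = clock
        self.cache = {}         # code hash -> (code bytes, expiry time)

    def offer_code(self, claimed_id: bytes, code: bytes) -> bool:
        """Cache code only if it really hashes to the name it is offered under."""
        if code_id(code) != claimed_id:
            return False        # substituted code cannot take over the name
        self.cache[claimed_id] = (code, self.clock() + self.ttl)
        return True

    def lookup(self, wanted: bytes):
        """Return cached code, expiring stale entries and refreshing live ones."""
        entry = self.cache.get(wanted)
        if entry is None:
            return None
        code, expiry = entry
        if self.clock() >= expiry:
            del self.cache[wanted]   # soft state: unused code ages out
            return None
        self.cache[wanted] = (code, self.clock() + self.ttl)
        return code

    def handle_capsule(self, capsule: bytes) -> str:
        """Dispatch on the code hash carried at the front of the capsule."""
        if len(capsule) < HASH_LEN:
            return "drop"            # no complete header
        wanted = capsule[:HASH_LEN]
        if self.lookup(wanted) is None:
            return "miss"            # node holds no code under that name
        return "run"                 # a real node would execute the code here
```

Because the name is the hash, the only way to get different code run for a capsule is to find other bytes with the same digest.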

There are two obvious benefits of Active Networks. The first is as a way to test alternate routing protocols. The second is as a way to test alternate queuing protocols. Unfortunately, the code must be implemented in Java, and therefore has poor performance characteristics (the Java requirement is important for proof-of-correctness concerns, including being strongly typed). This means it's not spectacularly useful except to test the correctness of new algorithms.

The possible pitfalls (as they have noted in the paper) include starvation of other internet services, not only by malicious users, but also by bugs in the code. These bugs need not be limited to a single node - if a routing algorithm routes in a loop, then there is no cure for the resources that will be consumed along the loop. This proposal basically suffers from the same problems as source routing, which has been turned off by most routers in the internet.
