By the aid of pluggable module

a security prototype is designed in the active network

which facilitates the security in the aspects of encryption

digital signature

authorization

authentication and revocation.The encryption and digital signature ensure the integrity and confidentiality to the active code.The decode-binding realizes the expansion capacity of the encryption methods in the system.By means of the certificate-checking method

the whole system designs a certificate center that issues X.509 certificate and manages the certificate through light directory access protocol (LDAP).With the active capability adapted to describe any authorization policy

the system can either choose the permitted policy or change the policy according to the requirements of the users .The revocation designed for the active network ensures the validity in the operation of the active code.In the meantime

with the trace records in the database

the revocation can realize the security alarm in the whole system.