This software implements bundle authentication, conforming to the Delay-Tolerant Networking (DTN) Internet Draft on Bundle Security Protocol (BSP), for the Interplanetary Overlay Network (ION) implementation of DTN. This is the only implementation of BSP that is integrated with ION.

The bundle protocol is used in DTNs that overlay multiple networks, some of which may be challenged by limitations such as intermittent and possibly unpredictable loss of connectivity, long or variable delay, asymmetric data rates, and high error rates. The purpose of the bundle protocol is to support interoperability across such stressed networks. The bundle protocol is layered on top of a “convergence layer” of adapters that encapsulate bundles in the protocol data units (PDUs) of the underlying networks’ native protocols for transmission and also extract bundles from the PDUs of those protocols as they are received. This convergence-layer encapsulation enables an application in one network to communicate with an application in another network built on entirely different native protocols, both of which are spanned by the DTN.

Security will be important for the bundle protocol. The stressed environment of the underlying networks over which the bundle protocol will operate makes it important that the DTN be protected from unauthorized use, and this stressed environment poses unique challenges for the mechanisms needed to secure the bundle protocol. Furthermore, DTNs may well be deployed in environments where a portion of the network might become compromised, posing the usual security challenges related to confidentiality, integrity, and availability.

The BSP encompasses four mechanisms that are designed to provide this security. The software reported here implements one of those mechanisms, the Bundle Authentication Block (BAB), and provides a framework for implementing the remaining three: the Payload Integrity Block, the Payload Confidentiality Block, and the Extension Security Block.

The ION system runs on Linux, OS/X, Solaris, FreeBSD, RTEMS, and VxWorks, and it should port readily to other POSIX-based operating systems. No special hardware is required. RAM (random access memory) requirements depend on the volume of DTN traffic that must be handled.

This work was done by Scott C. Burleigh of Caltech and Edward J. Birrane and Christopher Krupiarz of the Johns Hopkins University Applied Physics Laboratory for NASA’s Jet Propulsion Laboratory.

