Introduction to Secure Delay/Disruption Tolerant Networks (DTN)
Dr. M Nasir Mumtaz Bhutta
Institute of Computing
Bahauddin Zakariya University
Multan, Punjab, 60,000
Pakistan
Email: [email protected]
www.bzu.edu.pk
Introduction to Secure
Delay/Disruption Tolerant
Networks
21 January 2015
Dr. M N M Bhutta www.bzu.edu.pk 2
Objectives
Introduction to Delay/Disruption Tolerant Networking (DTN).
Overview of Security Architecture in DTN:
• Hop-by-Hop Authentication and Integrity.
• End-to-End Authentication and Integrity.
• End-to-End Confidentiality.
Requirements of Key Management in DTN.
Introduction to DTN
The wired, TCP/IP-based Internet is no doubt a success.
Some design assumptions and characteristics of the TCP/IP-based Internet are:
• Devices are always connected.
• The data loss rate is comparatively low.
• Round-trip times are small, etc.
Wireless Networks Applications
With the advancement of wireless technology, new kinds of networks have grown or are growing. For example:
• Satellite Networks
• Sensor Networks
• Ad-hoc Networks
• Mobile Phone Networks
• Vehicular Networks, etc.
In the wired Internet, some new applications are also developing that differ from the traditional Internet, for example peer-to-peer networks.
Future Internetworking
Future Networking Issues
The characteristics of these wireless networks differ from those of wired networks and also vary between domains.
Some characteristics are as follows:
• High loss rate.
• Large and/or variable delays.
• Links are not always connected ("disconnectivity").
Future Networking Issues
(continued)
Heterogeneity
• Sensor networks consist of very low-powered devices and are usually delay tolerant (e.g. monitoring applications).
• Satellite networks have long delays (e.g. interplanetary networks).
• Mobile phone networks have their own characteristics (mobility).
• Ad-hoc networks have variable disconnectivity.
Solutions
TCP/IP without modification
• Maximum RTT = 2 mins (high delays?)
• Lossy links (congestion control?)
• Sensor networks (low-powered devices?)
• Mobile phone networks (better performance and handoffs?)
TCP with modifications
• Each individual problem has to be solved separately (e.g. long delays, applications on top of TCP, IPSec, etc.).
Solutions (continued..)
Overlay networking approach
• Different protocols have been developed for different networks (this solves heterogeneity).
• Long and variable delays, high loss rates and disconnectivity need to be handled at a layer above TCP to give better performance.
• This is where DTN comes in.
Overview of DTN
• DTN is an overlay network that runs on top of different existing networks to better handle high and variable delays and disruptions.
• It introduces a new layer, called the bundle layer, on top of the TCP layer in the TCP/IP stack.
[Figure: protocol stacks of a DTN node, router and gateway. Layers shown: Application, Bundle, Transport, Network, Link, Physical (stacks A and B). Legend: persistent storage; optional application layer.]
High Delays/Disruptions and DTN
• High delays/disruptions are handled using custody transfer at the bundle layer.
Heterogeneous Networks and DTN
• A different protocol family runs in each region.
Security Architecture in DTN
The security architecture of the Internet (IPSec) cannot be used with DTN to provide security services.
Some of the issues with using it in DTN are as follows:
• It is very chatty in nature.
• Intermediate devices will conflict with IPSec.
• Cross-layer optimization will not work with IPSec, etc.
Security Architecture in DTN
(continued..)
The DTN security architecture uses its own approach, compliant with the DTN networking architecture, to provide security services.
The security goals are given below:
• Hop-by-Hop integrity.
• Hop-by-Hop Authentication.
• End-to-End Integrity.
• End-to-End Authentication.
• End-to-End Confidentiality.
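The difference between the hop-by-hop and end-to-end integrity goals listed above, as an added example that is not part of the original slides. It is a simplification: HMAC-SHA256 with pre-shared keys stands in for whatever mechanism a deployment uses, and the bundle fields, node names and keys are constructed for illustration.

```python
import hashlib, hmac, json

def mac(key: bytes, data: bytes) -> str:
    return hmac.new(key, data, hashlib.sha256).hexdigest()

def encode(fields: dict) -> bytes:
    return json.dumps(fields, sort_keys=True).encode()

def e2e_input(bundle: dict) -> bytes:
    # Fields fixed by the source and covered by the end-to-end check.
    return encode({k: bundle[k] for k in ("src", "dst", "payload")})

def create_bundle(src, dst, payload, e2e_key):
    bundle = {"src": src, "dst": dst, "payload": payload}
    bundle["e2e_mac"] = mac(e2e_key, e2e_input(bundle))
    return bundle

def send_hop(bundle, link_key):
    # Sender side of one hop: replace any old hop MAC with one for this link.
    out = {k: v for k, v in bundle.items() if k != "hop_mac"}
    out["hop_mac"] = mac(link_key, encode(out))
    return out

def receive_hop(bundle, link_key):
    # Receiver side of one hop: did the bundle arrive unmodified from the neighbour?
    body = {k: v for k, v in bundle.items() if k != "hop_mac"}
    return hmac.compare_digest(mac(link_key, encode(body)), bundle.get("hop_mac", ""))

def verify_end_to_end(bundle, e2e_key):
    # Destination side: is the bundle still what the source created?
    return hmac.compare_digest(mac(e2e_key, e2e_input(bundle)), bundle.get("e2e_mac", ""))

def demo():
    # Constructed keys: one shared by source A and destination C, one per link.
    k_e2e, k_ab, k_bc = b"A-C end-to-end key", b"A-B link key", b"B-C link key"
    on_link = send_hop(create_bundle("dtn://A", "dtn://C", "telemetry=42", k_e2e), k_ab)
    results = {}
    # Case 1: payload changed on the A-B link; the hop check at B rejects it.
    changed_on_link = dict(on_link, payload="telemetry=99")
    results["link_change_rejected_at_hop"] = not receive_hop(changed_on_link, k_ab)
    # Case 2: forwarder B changes the payload and re-protects the next hop.
    forwarded = send_hop(dict(on_link, payload="telemetry=99"), k_bc)
    results["hop_check_passes_at_c"] = receive_hop(forwarded, k_bc)
    results["e2e_check_rejects"] = not verify_end_to_end(forwarded, k_e2e)
    # Case 3: unmodified path; both checks pass at C.
    honest = send_hop(on_link, k_bc)
    results["honest_ok"] = receive_hop(honest, k_bc) and verify_end_to_end(honest, k_e2e)
    return results

if __name__ == "__main__":
    print(demo())
```

Case 2 is why the architecture lists both goals: the hop-by-hop check only vouches for the previous neighbour, so a change made by a forwarding node is visible only to the end-to-end check.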
Hop-by-Hop Integrity and
Authentication.
End-to-End Integrity
End-to-End Confidentiality
Key Management in DTN
For secure and efficient key management in DTN, some of the requirements are as follows:
• Key management should be communication efficient, and computational efficiency should also be taken into consideration. Key transport will be more suitable.
• It should support the functionality and components of the DTN security architecture. Public key cryptography should be supported.
Thanks for listening!
Questions?