Introduction to Secure Delay/Disruption Tolerant Networks
1. Dr. M Nasir Mumtaz Bhutta
Institute of Computing
Bahauddin Zakariya University
Multan, Punjab, 60,000
Pakistan
Email: nasir.bhutta@bzu.edu.pk
www.bzu.edu.pk
21 January 2015
2. Dr. M N M Bhutta www.bzu.edu.pk2
Objectives
Introduction to Delay/Disruption Tolerant Networking (DTN).
Overview of Security Architecture in DTN:
• Hop-by-Hop Authentication and Integrity.
• End-to-End Authentication and Integrity.
• End-to-End Confidentiality.
Requirements of Key Management in DTN.
3. Dr. M N M Bhutta www.bzu.edu.pk3
Introduction to DTN
The wired, TCP/IP-based Internet is no doubt a success.
Some design assumptions and characteristics of the TCP/IP-based Internet are:
• Devices are always connected.
• The data loss rate is comparatively low.
• Round-trip times are small, etc.
4. Dr. M N M Bhutta www.bzu.edu.pk4
Wireless Networks Applications
With advances in wireless technology, new kinds of networks have grown or are growing. For example:
• Satellite networks
• Sensor networks
• Ad-hoc networks
• Mobile phone networks
• Vehicular networks, etc.
In the wired Internet, some new applications are also developing that differ from the traditional Internet, for example peer-to-peer networks.
5. Dr. M N M Bhutta www.bzu.edu.pk5
Future Internetworking
6. Dr. M N M Bhutta www.bzu.edu.pk6
Future Networking Issues
The characteristics of these wireless networks differ from those of wired networks and also vary between domains.
Some characteristics are as follows:
• High loss rate.
• Large and/or variable delays.
• Links are not always connected ("disconnectivity").
7. Dr. M N M Bhutta www.bzu.edu.pk7
Future Networking Issues
(continued)
Heterogeneity
• Sensor networks consist of very low-powered devices and are usually delay tolerant (e.g. monitoring applications).
• Satellite networks have long delays (e.g. interplanetary networks).
• Mobile phone networks have their own characteristics (mobility).
• Ad-hoc networks have variable disconnectivity.
8. Dr. M N M Bhutta www.bzu.edu.pk8
Solutions
TCP/IP without modification
• Maximum RTT = 2 mins (high delays?)
• Lossy links (congestion control?)
• Sensor networks (low-powered devices?)
• Mobile phone networks (better performance & handoffs?)
TCP with modifications
• Each individual problem has to be solved separately (e.g. long delays, applications on top of TCP, IPsec etc.).
9. Dr. M N M Bhutta www.bzu.edu.pk9
Solutions (continued..)
Overlay networking approach
• Different protocols have been developed for different networks (heterogeneity will be solved).
• Long and variable delays, high loss rates and disconnectivity need to be handled at a layer above TCP to give better performance.
• This is where DTN comes in.
10. Dr. M N M Bhutta www.bzu.edu.pk10
Overview of DTN
• DTN is an overlay network which runs on top of different existing networks to better handle high and variable delays and disruptions.
• It introduces a new layer, called the bundle layer, on top of the TCP layer in the TCP/IP stack.
[Figure: protocol stacks of a DTN node, router and gateway (layers: Physical, Link, Network, Transport, Bundle, Application), shown for networks A and B. Legend: persistent storage, optional application layer.]
11. Dr. M N M Bhutta www.bzu.edu.pk11
High Delays/Disruptions and DTN
• High delays and disruptions are handled using custody transfer at the bundle layer.
12. Dr. M N M Bhutta www.bzu.edu.pk12
Heterogeneous Networks and DTN
• A different protocol family runs in each region.
13. Dr. M N M Bhutta www.bzu.edu.pk13
Security Architecture in DTN
The security architecture for the Internet (IPsec) cannot be used with DTN to provide security services.
Some highlighted issues with using it in DTN are as follows:
• It is very chatty in nature.
• Intermediate devices will conflict with IPsec.
• Cross-layer optimization will not work with IPsec, etc.
14. Dr. M N M Bhutta www.bzu.edu.pk14
Security Architecture in DTN
(continued..)
The DTN security architecture uses its own approach, compliant with the DTN networking architecture, to provide security services.
The security goals are given below:
• Hop-by-Hop Integrity.
• Hop-by-Hop Authentication.
• End-to-End Integrity.
• End-to-End Authentication.
• End-to-End Confidentiality.
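Added example (not from the slides, and not the Bundle Security Protocol wire format): a minimal Python model of the hop-by-hop and end-to-end integrity goals listed above, using HMAC-SHA256 with constructed keys as a stand-in for whatever ciphersuite a deployment uses. Node names, keys and function names are assumptions; it shows that every hop-by-hop check still passes when a node on the path alters the payload, while the destination's end-to-end check fails.

```python
import hashlib
import hmac

# Constructed keys (assumption): one shared key per link, one source-destination key.
LINK_KEYS = {
    ("src", "router"): b"link-key-src-router",
    ("router", "gateway"): b"link-key-router-gateway",
    ("gateway", "dst"): b"link-key-gateway-dst",
}
E2E_KEY = b"end-to-end-key-src-dst"  # known to source and destination only

def mac(key, data):
    return hmac.new(key, data, hashlib.sha256).digest()

def send(payload, sender, receiver, e2e_tag=None):
    """Build the bundle that `sender` hands to the next hop."""
    if e2e_tag is None:  # only the source computes the end-to-end tag
        e2e_tag = mac(E2E_KEY, payload)
    # The hop tag is recomputed by every forwarder with that link's key.
    hop_tag = mac(LINK_KEYS[(sender, receiver)], payload + e2e_tag)
    return {"payload": payload, "e2e_tag": e2e_tag,
            "hop_tag": hop_tag, "from": sender}

def hop_ok(bundle, receiver):
    """Hop-by-hop check: did the bundle arrive intact from the previous node?"""
    key = LINK_KEYS[(bundle["from"], receiver)]
    expected = mac(key, bundle["payload"] + bundle["e2e_tag"])
    return hmac.compare_digest(expected, bundle["hop_tag"])

def e2e_ok(bundle):
    """End-to-end check, performed by the destination only."""
    return hmac.compare_digest(mac(E2E_KEY, bundle["payload"]), bundle["e2e_tag"])

def deliver(payload, path, modify_at=None):
    """Forward along `path`; `modify_at` names a forwarder that alters the
    payload before re-protecting the bundle with its own valid link key."""
    bundle = send(payload, path[0], path[1])
    hop_results = []
    for i in range(1, len(path)):
        node = path[i]
        hop_results.append(hop_ok(bundle, node))
        if i == len(path) - 1:
            return hop_results, e2e_ok(bundle)
        body = bundle["payload"]
        if node == modify_at:
            body += b" (altered)"
        bundle = send(body, node, path[i + 1], e2e_tag=bundle["e2e_tag"])
```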
15. Dr. M N M Bhutta www.bzu.edu.pk15
Hop-by-Hop Integrity and
Authentication.
16. Dr. M N M Bhutta www.bzu.edu.pk16
End-to-End Integrity
17. Dr. M N M Bhutta www.bzu.edu.pk17
End-to-End Confidentiality
18. Dr. M N M Bhutta www.bzu.edu.pk18
Key Management in DTN
Some of the requirements for secure and efficient key management in DTN are as follows:
• Key management should be communication efficient, and computational efficiency should also be taken into consideration. Key transport will be more suitable.
• It should support the functionality and components of the DTN security architecture. Public-key cryptography should be supported.
19. Dr. M N M Bhutta www.bzu.edu.pk19
Thanks for listening!
Questions?