Securing Delay-Tolerant Networks with BPSec

by Edward J. Birrane, III, Sarah Heiner, Ken McKeever
January 2023
Content level: Intermediate to advanced
352 pages
12h 37m
English
Wiley
Content preview from Securing Delay-Tolerant Networks with BPSec

Appendix A: Example Security Contexts

Bundle Protocol Security (BPSec) defines the mechanisms necessary to implement security in Bundle Protocol version 7 (BPv7) networks. Some of those mechanisms, such as extension block definitions for the Block Integrity Block (BIB) and Block Confidentiality Block (BCB), are common across all BPv7 networks. Other mechanisms, such as security policies and security contexts, are expected to be customized for particular implementations.

Two exemplar security contexts are documented in the “Default Security Contexts for BPSec” specification, Request for Comments (RFC) 9173 [1]. These security contexts provide a minimal security capability appropriate for use over the Internet. One security context is given for the bib-integrity service and another is given for the bcb-confidentiality service.

The security contexts of RFC 9173 serve two purposes. First, they provide an example for BPv7 network security designers to expand upon for particular use cases, requirements, or other constraints. Second, they provide a basic level of protection that, while optional to use, is mandatory to implement in a Bundle Protocol Agent (BPA).

To ensure interoperability among various implementations, all BPSec implementations MUST support at least the current, mandatory security context(s) defined in IETF Standards Track RFCs. As of this writing, that BP mandatory security context is specified in [RFC9173], but the mandatory security context(s) might change over time in accordance with usual ...

ISBN: 9781119823476