Prior chapters presented the challenges inherent in the Delay Tolerant Internet (DTN) architecture, the strategies for building modular security ecosystems, and the capabilities of the Bundle Protocol version 7 (BPv7) transport layer. Together, this information bounds the design of security extensions for BPv7. Bundle Protocol Security (BPSec) must operate in the most challenged environments where BPv7 might be used, be compatible with as many security mechanisms as possible, and utilize the unique features of how BPv7 information is transported in the network.

This chapter discusses the design of BPSec from the experimental protocols that came before it to the design principles that allow it to satisfy its required functions.

After reading this chapter you will be able to:

5.1 A Brief History of Bundle Security

BPSec [1] has been designed to operate using the capabilities of bundles as they are exchanged within networks conforming to the DTN architecture. The sense of Delay Tolerant Internet (DTN) security requirements and bundle capabilities, themselves, evolved through research and testing of experimental protocols. In this way, both BPv7 [2] and BPSec represent ...