BPSec offers significant flexibility related to the application of security services to elements of a bundle. Multiple security blocks can be added to a bundle, and each of these blocks represent a collection of security operations.

This flexibility is needed to adapt to the variety of potential deployments of BPv7 in operational networks, to include those conforming to the Disruption Tolerant Internet (DTN) architecture. But, this flexibility leads to dependencies on bundle information, block processing, and overall constraints within the protocol itself.

This chapter discusses the information that security blocks depend on to be present for their successful processing, and the information at a Bundle Protocol Agent (BPA) that is, itself, dependent upon the information in security block.

After reading this chapter you will be able to:

8.1 Dependency Management

The defining characteristic of the Disruption Tolerant Internet (DTN) architecture is its inability to guarantee timely, end-to-end message delivery. In addition to the regular constraints placed on application design and development, this inability introduces new restrictions on the assumptions made by transport protocols such as BPv7.

If transport protocols ...