dtnrg-4----Page:11
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18
|
Enable special bundle agents (Security Policy Routers) to optionally enforce a finer-granularity of access control Enable some DTN nodes to optionally enforce their own access control policies on bundles forwarded to them from other bundle agents, based on bundle source identity and permissions These nodes may serve as security policy routers and possibly provide either a higher level of protection for specific designated links or subregions within a secure DTN that may require the source and legitimacy of the traffic that is admitted to be policed with a higher level of scrutiny than that which can be provided by simply trusting upstream bundle agents to have enforced an access control policy appropriate for those specific links or subregions, or perimeter protection to control access of bundles sent from an insecure bundle agent to a secure portion of the DTN. |