dtnrg-4----Page:14
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18
|
Summary of DTN Security Mechanisms Bundle Authentication Header is computed at every sending bundle agent and checked at every receiving bundle agent on every hop along the way from the source to destination. Bundle Agent Region ? Region ? Security Policy Router (may check PSH value) Source Application Node Destination Application Node BAH Payload Security Header is computed once at the source bundle agent, carried unchanged, and checked at the destination bundle agent (and possibly also at security boundary bundle agents). BAH BAH BAH PSH Source vs. Sender Destination vs. Receiver Sender Receiver/ Sender Receiver/ Sender Receiver/ Sender Receiver Source Bundle Agent may enforce access control and Reject traffic from a Bundle application. |