dtnrg-4----Page:3

How does the stressed DTN environment constrain the available security mechanisms?

High round-trip times and frequent disconnection:
  - Security solutions should not depend on frequent distribution of a large number of certificates and encryption keys end-to-end across the DTN.
  - A system that does not require each user’s keys and credentials to be distributed throughout the network, but requires them only at neighboring or nearby nodes, is more scalable.

Delayed or frequent loss of connectivity to a key or certificate server:
  - Multiple certificate authorities/key servers may be desirable.
  - User credentials should expire periodically rather than depend on certificate revocation messages.

Long delays:
  - Messages may be valid for days or weeks, so message expiration may not rid the network of unwanted messages as efficiently as in other types of networks.

Constrained bandwidth:
  - The cost of security, measured in header bits, should be minimized.

