The BPSec security mechanism refers to components existing within individual BPv7 bundles and at Bundle Protocol Agents (BPAs) in a BPv7 network. This mechanism implements the design of security extensions for BPv7 networks and is an important part of the overall DTN security ecosystem.

This chapter explores each of the components that comprise the BPSec mechanism, how this mechanism might be expanded upon in the future, and how this implementation satisfies the desirable properties of a bundle security solution.

After reading this chapter you will be able to:

6.1 The BPSec Mechanism

A mechanism is a system of individual components working together to accomplish a common purpose. This concept well describes the security extensions for BPv7 – the BPSec mechanism is implemented as a series of individual components that work together to secure information in bundles.

The components comprising this mechanism are Security Operations (SOps), security contexts, and security blocks. SOps describe the relationship between blocks in a bundle and the security services that act on those blocks. Security contexts generate and process the cryptographic ...