SIS-DTN Meeting Summary Fall 2015: Darmstadt


Joint SIS-SEA Meeting on BP Security
See Recap slides later in this briefing.
Mon AM, Titanium 2.04, 1045 – 1230: Cross-Area Meeting with SEA Security WG: Status and mechanisms of SIS-DTN bundle security protocol utilization of cryptographic message syntax (CMS).

BITTT Presentation on Chinese Space Station
See briefing in CWE Meeting Materials folder for Fall 2015.
Tues. PM, Hassium, —1730 (late start in slot): General design of a space internet experiment based on China’s Space Station project. Peng WAN

SIS-DTN: Wed 11/11 PM, 1330—1730
- Intro and Agenda Bashing (Keith SCOTT)
- WG Status
  - Long-Term Schedule Review
    - Need to plan for reviews of BP, security to track IETF
  - Current Projects Resourcing Discussion
    - Bundle Security for CCSDS
    - Scheduled Routing (CGR) Discussion
- NASA DTN Project Update (Various)
  - Network management
  - Bundle security mechanisms
  - DTN Network Configuration Tools
  - ‘Development kits’
- Security (Dennis IANNICCA / Jeremy PIERCE-MAYER / Discussion)
  - Resolution of the ‘what about Cryptographic Message Syntax’ question.
  - Current document status / plans / schedule
  - Second prototype development – who? [Probably DTN2-based, NASA will do ION]
  - IETF coordination – any issues?

SIS-DTN Document Schedule

Current Projects Resources
Bundle Security
- Book Editor: NASA (Dennis Iannicca)
- Prototype 1: ION
- Prototype 2: ???? Can leverage DTN2 implementation – shouldn’t be too difficult
- Target: Done by end of CY2017
Scheduled Routing
- Book Editor: NASA (Scott Burleigh)
- Prototype 1: ION
- Prototype 2: JAXA
- Target: Done by end of CY2018

NASA DTN Project: Network Management
- Asynchronous Management Protocol (AMP)
- Asynchronous Management Protocol Agent Application Data Model: draft-birrane-dtn-adm-agent-00
- AMP Manager SQL Interface
- Asynchronous Management Architecture: draft-birrane-dtn-ama-01

NASA DTN Project: Security
- Streamlined Bundle Security Protocol Specification: draft-birrane-dtn-sbsp-01

NASA DTN Project: DTN Network Configuration Tools
- JPL’s ION Configurator
- Linux and Mac applications (based off of Eclipse Models)
- Allow configuration of the entire network at once (all the nodes, contact plan(s), …)
- Assistants to e.g. form bidirectional links, verify the overall configuration, …
- Generates a set of configuration files (1 set for each of the ION nodes)

NASA DTN Project: Configuration Kits
- Set of scenarios using the CORE Virtualization capability in Linux (LXC)
- ‘Pre-set-up’ with ION configurations
- Sample applications (bping, image transfer, etc.)

Background (Recap from Joint SIS-DTN / SEA-SEC Meeting Monday AM)
- Bundle Protocol for CCSDS
  - Think ‘IP for possibly-intermittently-connected environments’
  - A ‘bundle’ is a collection of blocks (like IPv6 extension headers, though blocks are more like first-class objects)
- SIS-DTN is developing a security protocol for BP
  - Think IPSec-like for BP
  - Requirements:
    - Confidentiality, Integrity, Authentication services
    - ‘Block’-layer granularity
    - Needs to be incrementally deployable
    - For Integrity and Authentication, don’t modify the ‘target’ blocks
  - Bundle Security Protocol, Streamlined Bundle Security Protocol
  - Defines mechanisms and formats, ciphersuites are an independent variable
- “Why not just use Cryptographic Message Syntax”

SBSP and CMS (Recap from Joint SIS-DTN / SEA-SEC Meeting Monday AM)
- Don’t want to use exclusively CMS
  - APL has done some investigation with flight missions – CMS processing seems heavy-weight for them
  - Need (want) ciphersuites for space that would map to ‘dissociated signature, shared secret key’ (or, for encryption, just ‘shared secret key’)
  - Get the size of the BP security block down to a few bytes
- Do want to support CMS
  - DLR is interested in using public-key infrastructure to support e.g. authentication of bundles to a remote (different agency) ground station for radiation
  - On the ground, processing power and bandwidth are more readily available
- Current proposed solution: Merge the two approaches
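As an added illustration (not code from this briefing, the SBSP draft, or ION), the ‘dissociated signature, shared secret key’ idea and the Background requirement not to modify ‘target’ blocks can be sketched in Python. The block layout, the type codes and the choice of HMAC-SHA-256 are assumptions made for this sketch.

```python
import hashlib
import hmac
from dataclasses import dataclass

# Constructed block-type codes for this sketch; not SBSP's registry values.
PRIMARY, PAYLOAD, INTEGRITY = 0, 1, 200

@dataclass(frozen=True)
class Block:
    number: int      # unique within the bundle, 0-255 in this toy layout
    type_code: int
    data: bytes

def _tag(key: bytes, target: Block) -> bytes:
    # The MAC covers the target's identity as well as its bytes, so a tag
    # cannot be moved onto a different block of the same bundle.
    msg = bytes([target.number, target.type_code]) + target.data
    return hmac.new(key, msg, hashlib.sha256).digest()

def add_integrity(bundle: list[Block], target_number: int, key: bytes) -> list[Block]:
    """Append a detached integrity block; existing blocks are left untouched."""
    target = next(b for b in bundle if b.number == target_number)
    sec_number = max(b.number for b in bundle) + 1
    sec = Block(sec_number, INTEGRITY, bytes([target_number]) + _tag(key, target))
    return bundle + [sec]

def verify(bundle: list[Block], key: bytes) -> dict[int, bool]:
    """Check every integrity block; maps target block number -> tag valid."""
    by_number = {b.number: b for b in bundle}
    results = {}
    for sec in bundle:
        if sec.type_code != INTEGRITY:
            continue
        if not sec.data:
            raise ValueError("empty integrity block")
        target = by_number.get(sec.data[0])
        # A missing target or a wrong-length tag fails closed.
        results[sec.data[0]] = target is not None and hmac.compare_digest(
            sec.data[1:], _tag(key, target))
    return results

def sample_bundle() -> list[Block]:
    # Constructed sample data.
    return [Block(0, PRIMARY, b"dtn://src -> dtn://dst"),
            Block(1, PAYLOAD, b"telemetry frame 0042")]
```

The security block in this sketch carries 33 bytes: a one-byte target reference plus the 32-byte tag.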

Current SBSP with CMS (Recap from Joint SIS-DTN / SEA-SEC Meeting Monday AM)
- SBSP defines BP block types for both ‘SBSP-like’ and ‘CMS-like’ blocks
- Way Forward
  - Proceed with current plan
  - Turn IETF draft into CCSDS book with appropriate modifications

Open Questions
- For our book, look at adopting ciphersuites based on CCSDS SEA documents (I think they have an algorithms document, e.g.)
  - Should we roll in ciphersuites as appendices to the book?
- Should we drop the BAB to follow bleeding-edge IETF?
  - Does signing the primary block and the previous-hop block get essentially the same (or enough) functionality?
  - Rationale for dropping BAB – BAB includes pre- and post- blocks
    - Post- block makes it difficult to do security
- It looks like CMS defines a ‘detached’ ‘pre-shared-key’ ciphersuite
  - Does it really?
  - How can this be invoked from e.g. openssl?
  - Would this address the overhead concerns with CMS? (maybe we don’t care given the current understanding with SEA)
- Are the overhead concerns with CMS significant?
  - If we had the detached, pre-shared-key ciphersuite above…
- Are the processing power concerns with CMS significant?
  - Isn’t all the cost in the actual crypto operations…?

BPSec for CCSDS Resources

BPSec for CCSDS Schedule

CCSDS Bundle Protocol Security – Next Steps
- Start processing SBSP Internet Draft into CCSDS Document (Dennis)
- Start looking at cryptographic algorithm choices (???)
  - Think about what ciphersuites we’ll want
  - Thoughts on rolling ciphersuites into the current book (as opposed to going and asking for more resources to do another book)?

SIS-DTN: Thurs 11/12 AM
CGR Discussion
- Discussion of how to present the work (content for the non-normative portion of the document)
- Presentation by Scott Burleigh on how Contact Graph Routing works in the Interplanetary Overlay Network (ION) implementation
- Discussion of possible metrics (e.g. total number of bytes delivered regardless of priority, delivery of bytes weighted by priority, etc.)
- Discussion of assumptions (e.g. ‘there’s always more data to send than the system can support’)
Thurs AM, Europium, — 1230: Contact Graph Routing (Scott BURLEIGH)
- CGR Goals Discussion (i.e. what are the forwarding rules trying to achieve?)
- CGR Specification status

Scheduled Routing – Next Steps
- Start preparing information for non-normative portion of the document
- Come to agreement on assumptions and metrics
- Start documenting the CGR implementation from ION for the normative portion of the document

SIS-DTN: Thurs 11/12 PM
Streaming Discussion
DTN On ISS
- Service should be active about January 2016
Thurs PM, Titanium, —1600
- DTN on ISS Status (Kelvin NICHOLS)
- Streaming over Bundle Protocol (Scott BURLEIGH, Rodney GRUBBS, Osvaldo PEINADO, Leigh TORGERSON)
  - ION BSS CL Implementation / API
  - ION BSS CL Documentation (?)
  - Streaming Requirements and how they stack up against the API
  - JPL experience with ION BSS

Differing Approaches to Bundle Streaming

JPL Experience with Streaming
JPL has some applications that will ‘tunnel’ regular streamed video over BP, using the Bundle Streaming Service (BSS) and the Bundle Streaming Service Protocol (BSSP) convergence layer.

Next Steps
- SIS-MIA will take on the tasks of
  - Defining requirements for streaming services
  - Documenting existing approaches to streaming, with performance
- Look at defining a common test suite to do ‘apples-to-apples’ comparisons