Re: [dtn-security] Newbie seeking some security related advice

"Ivancic, William D. (GRC-RHN0)" <william.d.ivancic@nasa.gov> Thu, 28 May 2009 12:40 UTC

From: "Ivancic, William D. (GRC-RHN0)" <william.d.ivancic@nasa.gov>
To: "Graham Keellings (Leonix Solutions Pte Ltd)" <Graham@LeonixSolutions.com>, Armando Caro <acaro@bbn.com>
Date: Thu, 28 May 2009 07:37:09 -0500

->Armando Caro wrote:
->What about "transiently" disconnected nodes? Can we accept loss of
->transmission for a fraction of a second? Or even a few seconds?
->

That is up to the acceptability of the end user. For example, I prefer the grainy ghost of analog TV to Digital TV with interrupted voice bits and pixelation during signal fades.

->If I stipulate a network that carries primarily voice traffic (albeit
->as VoIP), then what does DTN bring me? I could argue that it adds a
->degree of complexity that brings no gain.  

I would agree.

->I suppose that the gain is
->that the network is distributed and has no central infrastructure
->(although, to split hairs, that is an ad-hoc network, which not all DTN
->need to be); I can see that that would be attractive to DARPA.

A DTN can be an overlay on an Ad Hoc network or an overlay on a fixed fully connected network or an overlay on a predictive network like a deep space network or a combination.  My personal view of a DTN to date is an application level store-and-forward gateway and/or potentially a secure content storage and distribution network.  Until we get some type of scalable naming structure, I don't see this scaling very well.


->
->>
->> One important take-away from this work... the motivation of DTN is to
->> support delay/disrupted scenarios and apps that can operate in that
->> regime, but it is possible to implement a DTN stack that can also
->> deal with time-sensitive traffic.
->>

One thing I see is that many non-technical or even technical, but uninformed/misinformed people think DTN is a magic box that you put in front of applications that require a connected network and it makes them work in a disconnected, store-and-forward, environment.  

I think we need to educate people that this is not the case.  However, I think that sometimes we don't in order to obtain/retain funding.


Will