University of Surrey

Test tubes in the lab Research in the ATI Dance Research

Security in Satellite and Delay/Disruption Tolerant Networks.

Bhutta, Muhammad Nasir Mumtaz. (2012) Security in Satellite and Delay/Disruption Tolerant Networks. Doctoral thesis, University of Surrey (United Kingdom)..

Available under License Creative Commons Attribution Non-commercial Share Alike.

Download (7MB) | Preview


Over the past few years, networks which are subject to long delays, high disruptions, asymmetric data rates and/or low delivery ratio etc, have gained popularity. Different approaches have been researched in the past to improve performance of networks under these challenging conditions e. g. modifying TCP behaviour suitable for a selected set of networks including Performance Enhancing Proxies (PEPs) based satellite networks and by proposing complete new networking architecture such as Delay/Disruption Tolerant Networking (DTN). The presence of PEPs breaks the original end-to-end TCP connection into two or three TCP connections and in this way allows a TCP variant to be applied on satellite link in a suitable way. The presence of PEPs on satellite links has disadvantages, e. g. splitting TCP connection is not compliant with the standard internet security mechanism IPsec as IPsec encrypts the traffic which can be only viewed at end nodes. In the thesis, a new dynamic Multilayer IPsec (ML-Ipsec) protocol is proposed for TCP/IP based networks, which enables the trusted intermediate devices to access part of IP datagram in order to function properly, while maintaining confidentiality between end nodes. The protocol is also flexible enough to break the IP datagram as many as 15 levels. The other paradigm, DTN, is an overlay networking architecture; evolved from a focus on deep space networks to a broader class of heterogeneous networks e. g. wireless adhoc networks etc. The security protocols defined for DTN, including the “Bundle Security Protocol” (BSP) are designed on the assumption that some sort of public key management mechanism is there to support security functions. In the DTN community, DTN key management is still an open issue. The thesis proposes to solve the key management issue by contributing: 1) A new Efficient Scalable Key Transport Scheme (ESKTS) which provides a way to transport the symmetric key using public key cryptography, in which the symmetric key generated at a DTN node can be transported to another communicating body securely along with the data. The ESKTS is scalable, communication efficient and compliant with the BSP semantics. 2) Sstandard PKI validation and revocation mechanism is enhanced by a new scheme which is compliant with PKI, compliant with BSP and also enables the applications to build a Certificate Revocation List (CRL) of reduced size. Furthermore the scheme also increases the efficiency to search through the list while providing communication efficiency to distribute CRL in the network due to its reduced size. 3) Framework for DTN key management architecture is proposed to establish a shared state between communicating parties dynamically. The shared state establishes the building block for security services; the cryptographic algorithms and the keys. Keywords: Security, PEPs, Satellite Networks, Key Management, PKI, DTN, Key Transport.

Item Type: Thesis (Doctoral)
Divisions : Theses
Authors : Bhutta, Muhammad Nasir Mumtaz.
Date : 2012
Additional Information : Thesis (Ph.D.)--University of Surrey (United Kingdom), 2012.
Depositing User : EPrints Services
Date Deposited : 24 Apr 2020 15:26
Last Modified : 24 Apr 2020 15:26

Actions (login required)

View Item View Item


Downloads per month over past year

Information about this web site

© The University of Surrey, Guildford, Surrey, GU2 7XH, United Kingdom.
+44 (0)1483 300800