Security in broadband satellite systems for the aeronautical and other scenarios Double-diplôme Ingénieur SUPAERO (ISAE) – Enginyeria de telecomunicacions (UPC) Projet de fin d’études (Master Thesis Report) by Dirk Gómez Depoorter SUPAERO supervisor: José Radzik TriaGnoSys supervisor: Eriza Hafid Fazli 2011 Munich, Germany 1 Table of Contents TABLE OF CONTENTS ........................................................................................................................................ 2 LIST OF TABLES ................................................................................................................................................. 6 LIST OF FIGURES ............................................................................................................................................... 7 ABBREVIATIONS ............................................................................................................................................... 9 1 INTRODUCTION ..................................................................................................................................... 10 2 THE ESA REQUEST .................................................................................................................................. 11 2.1 THE PROJECT ..................................................................................................................................... 11 2.2 OBJECTIVES ....................................................................................................................................... 11 2.3 PROJECT ORGANISATION ....................................................................................................................... 11 2.3.1 Task 1 ........................................................................................................................................ 11 2.3.2 Task 2 ........................................................................................................................................ 12 2.3.3 Task 3 ........................................................................................................................................ 12 2.3.4 Task 4 ........................................................................................................................................ 12 3 CONCEPTS .............................................................................................................................................. 13 3.1 SATELLITE LINKS .................................................................................................................................. 13 3.1.1 Long delay ................................................................................................................................. 13 3.1.2 Bandwidth-Delay Product ........................................................................................................... 14 3.1.3 High Bit Error Rate (BER) ............................................................................................................ 14 3.2 TRANSMISSION CONTROL PROTOCOL (TCP) .............................................................................................. 14 3.2.1 The TCP header .......................................................................................................................... 15 3.2.2 Segment transmission ................................................................................................................ 17 3.2.3 Flow control: The receive window ............................................................................................... 19 3.2.4 TCP congestion avoidance mechanisms ...................................................................................... 20 3.3 INTERNET PROTOCOL (IP) ..................................................................................................................... 26 3.3.1 Functions ................................................................................................................................... 26 3.3.2 IP versions .................................................................................................................................. 26 3.3.3 IP header ................................................................................................................................... 26 3.3.4 IP addressing ............................................................................................................................. 30 3.3.5 IP Fragmentation ....................................................................................................................... 31 3.3.6 IP NAT ........................................................................................................................................ 31 3.4 DIFFERENTIATED SERVICES FIELD AND CLASSES ............................................................................................ 31 3.5 VPN TECHNOLOGIES ........................................................................................................................... 33 3.5.1 Internet Protocol Security (IPsec) ................................................................................................ 33 3.5.2 High Assurance Internet Protocol Encryptor (HAIPE) ................................................................... 35 3.5.3 SSL/TLS/HTTPS ........................................................................................................................... 36 4 TECHNICAL ISSUES ................................................................................................................................. 37 4.1 WORDING......................................................................................................................................... 37 4.2 PROTOCOL ENHANCING PROXIES (PEP) & ENHANCED PROTOCOLS ................................................................. 37 4.2.1 Definition ................................................................................................................................... 37 4.2.2 Placement related to VPNs ......................................................................................................... 37 4.2.3 Bandwidth delay product ........................................................................................................... 39 4.2.4 TCP slow start ............................................................................................................................ 40 4.2.5 Continuous acknowledgements .................................................................................................. 40 4.2.6 Frequently revised content ......................................................................................................... 41 4.2.7 Redundancy ............................................................................................................................... 41 4.3 IP FRAGMENTATION ............................................................................................................................ 41 4.3.1 Fragmentation ........................................................................................................................... 41 4.3.2 VPN issue ................................................................................................................................... 42 4.4 OVERHEAD BANDWIDTH CONSUMPTION ................................................................................................... 42 2 4.5 ISSUES WITH THE IPSEC ANTI-REPLAY SYSTEM ............................................................................................. 44 4.6 MULTICAST ....................................................................................................................................... 44 4.7 MOBILITY ......................................................................................................................................... 44 4.8 QOS ENFORCEMENT ............................................................................................................................ 45 4.9 NETWORK ADDRESS TRANSLATION .......................................................................................................... 45 5 REFERENCE SCENARIOS .......................................................................................................................... 46 5.1 DEFINITION OF THE SCENARIOS ............................................................................................................... 46 5.2 PUBLIC SAFETY COMMUNICATIONS .......................................................................................................... 46 5.2.1 Scenario description ................................................................................................................... 46 5.2.2 Types of communications ........................................................................................................... 47 5.2.3 Security choices .......................................................................................................................... 48 5.2.4 VPN issues ................................................................................................................................. 48 5.3 ISP SCENARIO .................................................................................................................................... 50 5.3.1 Scenario description ..................................................................................................................
Details
-
File Typepdf
-
Upload Time-
-
Content LanguagesEnglish
-
Upload UserAnonymous/Not logged-in
-
File Pages143 Page
-
File Size-