Bundle Protocol Security Application Data Model

An Application Data Model (ADM) provides a guaranteed interface for the management of an application or protocol over the Asynchronous Management Protocol that is independent of the nuances of its software implementation. In this respect, the ADM is conceptually similar to the Managed Information Base (MIB) used by SNMP, but contains additional information relating to command opcodes and more expressive syntax for automated behavior. Agents within the Asynchronous Management Architecture represent applications running on managed devices that are responsible for implementing the AMA services of configuration, reporting, control, and administration. These agents provide the mechnism through which applications and protocols are managed through the AMP. The BPSEC () protocol defines integrity and confidentiality mechanisms for securing extension blocks within Bundle Protocol bundle. The BPSEC ADM provides the set of information used to monitor and configure common aspects of any BPSEC software implementation.

This document describes Version 0.1 of the BPSEC ADM. The OID Root for this ADM is NOT correctly set. A sample OID Root is used in this version of the specification and MAY change in future versions of this ADM. Currently, ADMs are organizing documents and not used to automatically generate software. Future versions of this ADM should include a specification in a data modeling language (such as YANG) to better enable software generation. Agent applications MAY choose to ignore the name, description, or OID information associated with the component definitions within this ADM as these items are only used to provide human-readable information associated with user interfaces and may not be necessary on a deployed managed device.

This ADM specifies the globally unique identifiers and descriptions for all Values, Controls, Literals, and Operators associated with BPSEC management via an AMP Agent. Any BPSEC implementation claiming compliance with the BPSEC ADM MUST compute all identified primitive data when requested by an AMP Agent. Also, any BPA implementation claiming compliance with the BPA ADM MUST execute all identified controls when requested by an AMP Agent. Any AMP Agent claiming to support the BPSEC ADM must compute all identifier data, perform identified controls/operators, and understand identified literals/metadata.

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119.

The Managed Identifiers (MIDs) used with this ADM encapsulate OIDs within a globally managed OID tree. The OID node from which all of the MIDs in this specification derive is called the "BPSEC ADM OID Root". This section identifies this root in the overall OID tree. NOTE: This version of the BPSEC ADM uses a proxy BPSEC ADM Root that has NOT been assigned. The BPSEC ADM Root in this version of the document is only used for experimental purposes and MAY change before the final release of this specification. BPSEC ADM OID ROOT STRING iso.identified-organization.dod.internet.mgmt.amp.bpsec BPSEC ADM ROOT ID STRING 1.3.6.1.2.3.9 BPSEC ADM ROOT OID (octets) 2B 06 01 02 03 09 The subtree under the BPSEC ADM OID ROOT contains eight subbranches that capture metadata, Primitive Values, Computed Values, Reports, Controls, Literals, Macros, and Operators as illustrated in .

BPSEC ADM ROOT (1.3.6.1.2.3.9) | Meta- Primitive Computed | Data Data Data Rpts | Ctrls Literals Macros Ops (.0) (.1) (.2) (.3) | (.4) (.5) (.6) (.7) +-------+---------+------+---------+------+----------+---------+

The following managed nicknames are provided to generate compressed OIDs within the AMP. Compressed OIDs enable shortening of common subtrees into a single numerical identifier to avoid the significant repetition incumbent with using OIDs from a common subtree. The nicknames defined by this ADM are given in . Unique ID Label OID as ASN.1 BER 40 BPSEC Metadata 0x2B060102030900 41 BPSEC Primitive Values 0x2B060102030901 42 BPSEC Computed Values 0x2B060102030902 43 BPSEC Reports 0x2B060102030903 44 BPSEC Controls 0x2B060102030904 45 BPSEC Literals 0x2B060102030905 46 BPSEC Macros 0x2B060102030906 47 BPSEC Operators 0x2B060102030907 49 BPSEC Root 0x2B0601020309

The components in this specification are identified by their AMP MID value. However, for easier traceability back to the OIDs encapsulated in MIDs, an OID string is also provided for each component. These OID strings are provided in a shorthand that makes use of the nicknames defined in and uses the form [nickname].relative-oid. For example, the OID String [44].3.2.1 corresponds to the OID 2B060102030904030201, with 2B060102030904 being the expansion of nickname 44 and 030201 being the relative OID.

ADM metadata consists of the items necessary to uniquely identify the ADM to Managers within the AMA. This includes items such as the name of the ADM, its version, and any nicknames used within the ADM. Name MID (Hex) OID (Str) Description Type Value Label 0x80280100 [40].0 The human-readable ADM name. STR BPSEC ADM Version 0x80280101 [40].1 The ADM version. STR 2016_05_16

Primitive Value definitions represent those values that MUST be collected by the BPSEC protocol handler. Changing or updating Primitive Value definitions requires making changes to the BPSEC protocol handler and/ or its supporting firmware. MID OID Decription Type Parms 80290100 [41].0 Total Successfully Tx BCB blocks UINT None 80290101 [41].1 Total Unsuccessfully Tx BCB blocks UINT None 80290102 [41].2 Total Successfully Rx BCB blocks UINT None 80290103 [41].3 Total Unsuccessfully Rx BCB blocks UINT None 80290104 [41].4 Total Missing-on-Rx BCB blocks UINT None 80290105 [41].5 Total Forwarded BCB blocks UINT None 80290106 [41].6 Total Successfully Tx BCB bytes UINT None 80290107 [41].7 Total Unsuccessfully Tx BCB bytes UINT None 80290108 [41].8 Total Successfully Rx BCB bytes UINT None 80290109 [41].9 Total Unsuccessfully Rx BCB bytes UINT None 8029010A [41].A Total Missing-on-Rx BCB bytes UINT None 8029010B [41].B Total Forwarded BCB bytes UINT None 8029010C [41].C Total Successfully Tx BIB blocks UINT None 8029010D [41].D Total Unsuccessfully Tx BIB blocks UINT None 8029010E [41].E Total Successfully Rx BIB blocks UINT None 8029010F [41].F Total Unsuccessfully Rx BIB blocks UINT None 80290110 [41].10 Total Missing-on-Rx BIB blocks UINT None 80290111 [41].11 Total Forwarded BIB blocks UINT None 80290112 [41].12 Total Successfully Tx BIB bytes UINT None 80290113 [41].13 Total Unsuccessfully Tx BIB bytes UINT None 80290114 [41].14 Total Successfully Rx BIB bytes UINT None 80290115 [41].15 Total Unsuccessfully Rx BIB bytes UINT None 80290116 [41].16 Total Missing-on-Rx BIB bytes UINT None 80290117 [41].17 Total Forwarded BIB bytes UINT None 80290118 [41].18 Last BPSEC Update TS None 80290119 [41].19 Number of Known Keys UINT None 8029011A [41].1A Known Key Names (CSV) STRING None 8029011B [41].1B Known Ciphersuite Names (CSV) STRING None 8029011C [41].1C Known Rule Sources (CSV) STRING None C029011D [41].1D Successfully Tx BCB blocks from SRC UINT STR Src C029011E [41].1E Failed Tx BCB blocks from SRC UINT STR Src C029011F [41].1F Successfully Rx BCB blocks from SRC UINT STR Src C0290120 [41].20 Failed Rx BCB blocks from SRC UINT STR Src C0290121 [41].21 Missing-on-Rx BCB blocks from SRC UINT STR Src C0290122 [41].22 Forwarded BCB blocks from SRC UINT STR Src C0290123 [41].23 Successfully Tx BCB bytes from SRC UINT STR Src C0290124 [41].24 Failed Tx BCB bytes from SRC UINT STR Src C0290125 [41].25 Successfully Rx BCB bytes from SRC UINT STR Src C0290126 [41].26 Failed Rx BCB bytes from SRC UINT STR Src C0290127 [41].27 Missing-on-Rx BCB bytes from SRC UINT STR Src C0290128 [41].28 Forwarded BCB bytes from SRC UINT STR Src C0290129 [41].29 Successfully Tx BIB blocks from SRC UINT STR Src C029012A [41].2A Failed Tx BIB blocks from SRC UINT STR Src C029012B [41].2B Successfully Rx BIB blocks from SRC UINT STR Src C029012C [41].2C Failed Rx BIB blocks from SRC UINT STR Src C029012D [41].2D Missing-on-Rx BIB blocks from SRC UINT STR Src C029012E [41].2E Forwarded BIB blocks from SRC UINT STR Src C029012F [41].2F Successfully Tx BIB bytes from SRC UINT STR Src C0290130 [41].30 Failed Tx BIB bytes from SRC UINT STR Src C0290131 [41].31 Successfully Rx BIB bytes from SRC UINT STR Src C0290132 [41].32 Failed Rx BIB bytes from SRC UINT STR Src C0290133 [41].33 Missing-on-Rx BIB bytes from SRC UINT STR Src C0290134 [41].34 Forwarded BIB bytes from SRC UINT STR Src C0290135 [41].35 Last BPSEC Update from SRC TS STR Src C0290136 [41].36 Last Reset TS STR Src

The BPSEC ADM defines no computed values.

A Report is a listing of data items including Primitive Value definitions, Computed Value definitions, and other Reports returned from an AMP Agent. Similar to Computed Values, Report definitions are captured as a MID Collection (MC), which is the ordered set of MIDs identifying individual data items that comprise the report.

+----------+------------+-------+----------------------------+------+ | Name | MID | OID | Description | Type | +----------+------------+-------+----------------------------+------+ | Source | 0xC22B0101 |[43].1 | Security Info By Source | RPT | | Report | | | | | +----------+------------+-------+----------------------------+------+ | Definition | +-------------------------------------------------------------------+ | 0x1A 0xC029011D 0xC029011E 0xC029011F 0xC0290120 0xC0290121 | | 0xC0290122 0xC0290123 0xC0290124 0xC0290125 0xC0290126 | | 0xC0290127 0xC0290128 0xC0290129 0xC029012A 0xC029012B | | 0xC029012C 0xC029012D 0xC029012E 0xC029012F 0xC0290130 | | 0xC0290131 0xC0290132 0xC0290133 0xC0290134 0xC0290135 | | 0xC0290136 | +-------------------------------------------------------------------+

Controls represent well-known command opcodes that can be run by the Agent in response to direct requests by an AMP Manager, or in response to time- or state-based rules on the Agent itself.

Name MID OID # Prms Prms ResetAllCounts 0x832C0100 [44].0 0 () ResetSrcCounts 0xC32C0101 [44].1 1 (STR Src) DelKey 0xC32C0102 [44].2 1 (STR KeyName) AddKey 0xC32C0103 [44].3 2 (STR KeyName, BLOB Key) AddBibRule 0xC32C0104 [44].4 5 (STR Src, STR Dest, INT Tgt, STR Cs, STR Key) DelBibRule 0xC32C0105 [44].5 3 (STR Src, STR Dest, INT Tgt) ListBibRules 0x832C0106 [44].6 0 () AddBcbRule 0xC32C0107 [44].7 5 (STR Src, STR Dest, INT Tgt, STR Cs, STR Key) DelBcbRule 0xC32C0108 [44].8 3 (STR Src, STR Dest, INT Tgt) ListBcbRules 0x832C0109 [44].9 0 ()

This section lists the description, parameters, and reports generated for each Control specified in this ADM. The "DESCRIPTION" section lists the functional requirements of the Control when run on an Agent. The "PARAMETERS" section illustrates and describes the ordered set of data items provided to the Control, when run on the Agent. A parameterized Control is represented in the AMP by a MID encapsulating a parameterized OID. OID parameters are captured as a Typed Data Collection (TDC). The TDC capturing these parameters is elided for clarity, as the TDC is only the container used to transmit the parameters between the Agent and Manager and not expected as input to the Control itself. The "REPORTS GENERATED" section describes the format of any Reports sent from the Agent to a Manager as a result of running the Control. This section ONLY describes Reports that are specific to the Control. Cases where policy requires Agents to send summary Reports when Controls either run or fail to run due to error, are not considered in this section as they are not specific to any one Control. Any Control summary reports should be as described in . Reports generated on an Agent by a Control will either be directly sent to the Manager executing the Control or otherwise batched and send with other Reports destined for the receiving Manager. This behavior will be based on the policy associated with the AMP Agent and is not specified in this ADM.

The ResetAllCounts control causes the Agent to reset all counts associated with block or byte statistics and to set the Last Reset Time of the BPSEC Primitive Data to the time when the control was run. All per-source counters will be cleared as will the listing of known sources into the BPSEC agent. This control does not take any parameters. This control does not produce any reports.

The ResetSrcCounts control causes the Agent to reset all counts (blocks and bytes) associated with a given bundle source and set the Last Reset Time of the source statistics to the time when the control was run. THe source will still be returned in any query of known sources, but its counters will be zero immediately after this call. This Control accepts 1 parameter as illustrated in .

+------------+ | Source EID | | [STR] | +------------+ Where: Source EID = The EID of the source being queried. This MUST be an exact match to the source to query. Regular expressions and other wildcards are not allowed. This control does not produce any reports.

The DelKey control deletes a key from the BPSEC system. This Control accepts 1 parameter as illustrated in .

+----------+ | Key Name | | [STR] | +----------+ Where: Key Name = The string name of the key being deleted. This control does not produce any reports.

The AddKey control adds a key to the BPSEC system. This Control accepts 2 parameter as illustrated in .

+----------+----------+ | Key Name | Key Data | | [STR] | [BLOB] | +----------+----------+ Where: Key Name = Is the string name used ot identify the key. This name is used to reference the key in BIB and BCB rules and to identify the key when it is deleted. Key Data = The binary value of the key. This control does not produce any reports.

The AddBibRule control configures policy on the BPSEC protocol implementation the describes how BIB blocks should be applied to bundles in the system. This policy is captured as a rule which states when transmitting a bunde from the given source EID to the given destination EID, blocks of type target should have a BIB added to them using the given ciphersuite and the given key. This Control accepts 5 parameters as illustrated in .

+--------+-------+--------+----------------+----------+ | Source | Dest | Target | Ciphersuite ID | Key Name | | [STR] | [STR] | [INT] | [STR] | [STR] | +--------+-------+--------+----------------+----------+ Where: Source = The source EID associated with this rule. This EID may contain an exactly EID or an EID containing wildcard symbols. The wildcard symbol * matches zero or more characters. The wildcard symbol ~, which may be used only by itself, indicates a match to all EIDs. Dest = The destination EID associated with this rule. This EID may contain an exactly EID or an EID containing wildcard symbols. The wildcard symbol * matches zero or more characters. The wildcard symbol ~, which may be used only by itself, indicates a match to all EIDs. Target = The block type to which this rule will apply. Ciphersuite ID = The name oft he ciphersuite to be used to populate the BIB. This ciphersuite MUST be known to the BPSEC protocol implementation being managed and be approved for use with BIB blocks. Key Name = The name of the key to be used to generate the BIB for this given target block. This key name MUST match the name of a key known to the BPSEC implementation, either from pre-configuration or through the use of the AddKey control. This control does not produce any reports.

The DelBibRule control removes any configured policy on the BPSEC protocol implementation the describes how BIB blocks should be applied to bundles in the system. A BIB policy is uniquely identified by a source EID, a destination EID, and a target block type. This Control accepts 3 parameters as illustrated in .

+--------+-------+--------+ | Source | Dest | Target | | [STR] | [STR] | [INT] | +--------+-------+--------+ Where: Source = The source EID associated with this rule. This string must syntactically match the configured source EID for the rule to be deleted. If the existing rule source EID contains a wildcard, this parameter must contain a wildcard. This control does not interpret EID name wildcards, it simply performs a string comparison. Dest = The destination EID associated with this rule. This string must syntactically match the configured destination EID for the rule to be deleted. If the existing rule destination EID contains a wildcard, this parameter must contain a wildcard. This control does not interpret EID name wildcards, it simply performs a string comparison. Target = The block type of the BIB rule to be deleted. This control does not produce any reports.

The ListBibRules control returns a table describing all of the BIB policy rules that are known to the BPSEC implementation. This control takes no parameters. This control produces a table whose column structure is illustrated in .

The AddBcbRule control configures policy on the BPSEC protocol implementation the describes how BCB blocks should be applied to bundles in the system. This policy is captured as a rule which states when transmitting a bunde from the given source EID to the given destination EID, blocks of type target should have a BCB added to them using the given ciphersuite and the given key. This Control accepts 5 parameters as illustrated in .

+--------+-------+--------+----------------+----------+ | Source | Dest | Target | Ciphersuite ID | Key Name | | [STR] | [STR] | [INT] | [STR] | [STR] | +--------+-------+--------+----------------+----------+ Where: Source = The source EID associated with this rule. This EID may contain an exactly EID or an EID containing wildcard symbols. The wildcard symbol * matches zero or more characters. The wildcard symbol ~, which may be used only by itself, indicates a match to all EIDs. Dest = The destination EID associated with this rule. This EID may contain an exactly EID or an EID containing wildcard symbols. The wildcard symbol * matches zero or more characters. The wildcard symbol ~, which may be used only by itself, indicates a match to all EIDs. Target = The block type to which this rule will apply. Ciphersuite ID = The name oft he ciphersuite to be used to populate the BCB. This ciphersuite MUST be known to the BPSEC protocol implementation being managed and be approved for use with BCB blocks. Key Name = The name of the key to be used to generate the BCB for this given target block. This key name MUST match the name of a key known to the BPSEC implementation, either from pre-configuration or through the use of the AddKey control. This control does not produce any reports.

The DelBcbRule control removes any configured policy on the BPSEC protocol implementation the describes how BCB blocks should be applied to bundles in the system. A BCB policy is uniquely identified by a source EID, a destination EID, and a target block type. This Control accepts 3 parameters as illustrated in .

+--------+-------+--------+ | Source | Dest | Target | | [STR] | [STR] | [INT] | +--------+-------+--------+ Where: Source = The source EID associated with this rule. This string must syntactically match the configured source EID for the rule to be deleted. If the existing rule source EID contains a wildcard, this parameter must contain a wildcard. This control does not interpret EID name wildcards, it simply performs a string comparison. Dest = The destination EID associated with this rule. This string must syntactically match the configured destination EID for the rule to be deleted. If the existing rule destination EID contains a wildcard, this parameter must contain a wildcard. This control does not interpret EID name wildcards, it simply performs a string comparison. Target = The block type of the BCB rule to be deleted. This control does not produce any reports.

The ListBcbRules control returns a table describing all of the BCB policy rules that are known to the BPSEC implementation. This control takes no parameters. This control produces a table whose column structure is illustrated in .

The BPSEC ADM does not define any literals.

The BPSEC ADM does not define any macros.

The BPSEC ADM does not define any operators.

At this time, this protocol has no fields registered by IANA.