Secure Event Management
SEI 2 Smart Factory
Salvatore Piccione (TXT e-solutions S.p.A.)

15/11/2013

  1. Secure Event Management. SEI 2 Smart Factory. Salvatore Piccione (TXT e-solutions S.p.A.), 15/11/2013
  2. Outline
     • Why?
     • What?
       – Secure Event Management components
     • So what?
  3. Why?
     • Multitude of smart objects and services
     • Demand for event-driven interactions
     • Controlled access to production data by internal and external subjects
  4. What?
     [Diagram labels: MES; CEP Engines; Remote maintenance operators; Worker; Corporate domain border; Secure Event Access Manager]
  5. Events’ namespace
     • Taxonomy of the events conveyed by the event bus
     • Conventions
       – Leaf nodes represent event producers
       – Intermediate nodes allow consumers to select a specific set of events
       – Patterns to select paths or portions within the namespace
         • Special characters: * (exactly one node), # (zero or more nodes)
  6. Events’ namespace - example 1: Shop floor events
     [Tree diagram. Root: WashingMachineManufacturer, then ProductionPlant1, then ProductionLine1, ProductionLine2, ProductionLine3, … Node labels below the lines: Station2, Station6, Station9, …, Thickness, Welding, Marriage, Informational, Status]
  7. Events’ namespace - example 1: Shop floor events (same tree)
     Pattern shown: WashingMachineManufacturer.ProductionPlant1.ProductionLine1.Station2.Status
  8. Events’ namespace - example 1: Shop floor events (same tree)
     Pattern shown: WashingMachineManufacturer.ProductionPlant1.ProductionLine1.*.Status
  9. Events’ namespace - example 1: Shop floor events (same tree)
     Pattern shown: WashingMachineManufacturer.ProductionPlant1.ProductionLine1.#
  10. Events’ namespace - example 2: Notifications
      [Tree diagram. Root: WashingMachineManufacturer, with branches Alerting and QualityAssurance, each listing ProductionPlant1, ProductionLine1, … and Station2, Station6, Station9, …]
  11. Namespace Manager
  12. Capability-based security
      A capability is a communicable and unforgeable token of authority. By owning it, a process/subject can access the resource/service uniquely identified in the token and exercise the rights stated in it.
  13. Capability token
      • Digitally signed XML document
      • Based on standards for access control policies (XACML, SAML)
      • Two types: Root and non-Root
  14. Anatomy of a capability token
      • Issuer (who issues the capability)
      • Subject (who the rights are granted to)
      • Resource ID (URI of the resource)
      • Validity Condition (validity time frame)
      • Issuer’s capability
      • Granted rights and their delegability
      • Signature
  15. Capability-based security in action
      [Diagram labels: Production Plant 1 / Production Line 1 / Station 2; Plant 1 Manager; Production Line 1 Manager; Station 2 Manager; Station 2 Worker; Secure Event Access Manager; links marked "trust" and "access"]
  16. Capability-based security in action
      • Cap#1 (Root)
        – Rights: Pub/Sub (delegable)
        – Namespace: ShopFloorEvents
        – Pattern: WashingMachineManufacturer.ProductionPlant1.ProductionLine1.Station2.*
  17. Capability-based security in action
      • Cap#2 (Non-Root)
        – Rights: Pub/Sub (delegable)
        – Namespace: ShopFloorEvents
        – Pattern: WashingMachineManufacturer.ProductionPlant1.ProductionLine1.Station2.*
  18. Capability-based security in action
      • Cap#3 (Non-Root)
        – Rights: Pub/Sub (delegable)
        – Namespace: ShopFloorEvents
        – Pattern: WashingMachineManufacturer.ProductionPlant1.ProductionLine1.Station2.*
  19. Capability-based security in action
      • Cap#4 (Non-Root)
        – Rights: Sub
        – Namespace: ShopFloorEvents
        – Pattern: WashingMachineManufacturer.ProductionPlant1.ProductionLine1.Station2.*
  20. Capability-based security in action
      • Access request to Production Plant 1 / Production Line 1 / Station 2 through the Secure Event Access Manager
      • Cap#4 (Non-Root)
        – Rights: Sub
        – Namespace: ShopFloorEvents
        – Pattern: WashingMachineManufacturer.ProductionPlant1.ProductionLine1.Station2.*
  21. Anatomy of a capability revocation
      • Issuer
      • Issuer’s capability
      • Unique identifier of the revoked capability
      • Revocation starting date
      • Revocation scope
        – Only the capability
        – All derived capabilities
        – The capability together with all derived capabilities
  22. Why are capabilities so cool?
      • Principle of Least Authority (PoLA)
      • Fewer security issues (e.g. the Confused Deputy problem)
      • Arbitrary granularity of access rights
      • Distribution of the authorization management
      • Independence from complexity and dynamics of identity management
      • Full auditability
      • Revocability
  23. Capability wizard
  24. Event bus
      • Based on AMQP (Advanced Message Queueing Protocol)
      • Secure Event Access Manager
        – capability-based security
        – RESTful interface
  25. Access to event streams by clients
      • Managed by the Secure Event Access Manager
      • How it works
        1. Session setting up
        2. Session usage (publish/subscribe)
        3. Session closing
  26. AMQP in a nutshell
      [Diagram: Publisher, Exchange, Queue #1, Queue #2, Queue #3, Subscribers. Labels: "Routing key ≡ Pattern", message a.b.c, binding(a.b.*)]
  27. AMQP in a nutshell
      [Diagram: bindings Queue #1: a.b.c, Queue #2: a.b.*, Queue #3: a.#. Message a.b.c between Publisher and Exchange]
  28. AMQP in a nutshell
      [Diagram: message a.b.c shown at Queue #1, Queue #2 and Queue #3]
  29. AMQP in a nutshell
      [Diagram: same bindings. Message a.b.x between Publisher and Exchange]
  30. AMQP in a nutshell
      [Diagram: message a.b.x shown at Queue #2 and Queue #3]
  31. AMQP in a nutshell
      [Diagram: same bindings. Message a.y.z between Publisher and Exchange]
  32. AMQP in a nutshell
      [Diagram: message a.y.z shown at Queue #3 only]
  33. AMQP in a nutshell
      [Diagram: a Broker containing Virtual Host #1, Virtual Host #2, … Virtual Host #n]
  34. Integrated Management Console: management of the brokers
  35. Integrated Management Console: management of the virtual hosts
  36. Integrated Management Console: management of the virtual hosts-namespaces mapping
  37. So what?
      • Complete decoupling of event sources and consumers (asynchronous interactions, timeliness)
      • Dynamic and smooth addition of new events’ sources and consumers (zero downtime, scalability, flexibility)
      • Bringing data to the interested consumers instead of bringing consumers to data
      • Advanced, flexible, scalable access control
  38. Thanks for your attention! Q&A
  39. Follow Us!
      • Fitman website: http://www.fitman-fi.eu/
      • Twitter: @FitmanFI
      • Specification of this SE: http://catalogue.fitman.atosresearch.eu/enablers/secure-event-management
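
Added example (not from the slides or the FITMAN implementation): the pattern rules of slide 5 combined with the delegation chain of slides 15 to 21, granting access only when every token in the chain allows the right and matches the event name. The token fields, the subject names, the `ResourceOwner` root issuer and the revocation-scope encoding are assumptions, and signature and validity-window checks are taken as already done.

```python
from dataclasses import dataclass
from typing import Optional

def matches(pattern: str, key: str) -> bool:
    """Namespace match: '*' is exactly one node, '#' is zero or more nodes."""
    def walk(p, k):
        if not p:
            return not k
        if p[0] == "#":  # absorb zero nodes, or one node and keep going
            return walk(p[1:], k) or (bool(k) and walk(p, k[1:]))
        return bool(k) and p[0] in ("*", k[0]) and walk(p[1:], k[1:])
    return walk(pattern.split("."), key.split("."))

@dataclass(frozen=True)
class Cap:  # simplified stand-in for the signed XML token (assumed fields)
    cap_id: str
    issuer: str
    subject: str
    rights: frozenset
    delegable: bool
    pattern: str
    parent: Optional["Cap"] = None  # issuer's capability; None for a Root token

def authorize(cap, subject, right, key, revoked=None):
    """Allow only if every token in the delegation chain permits the request."""
    revoked = revoked or {}  # cap_id -> "self" | "derived" | "both" (assumed)
    if cap.subject != subject:
        return False
    node, leaf = cap, True
    while node is not None:
        scope = revoked.get(node.cap_id)
        if scope == "both" or scope == ("self" if leaf else "derived"):
            return False
        if right not in node.rights or not matches(node.pattern, key):
            return False
        parent = node.parent
        if parent is not None and not (parent.delegable and parent.subject == node.issuer):
            return False  # issuer did not hold a delegable parent token
        node, leaf = parent, False
    return True

# Constructed chain mirroring Cap#1..Cap#4; subject names are assumptions.
P = "WashingMachineManufacturer.ProductionPlant1.ProductionLine1.Station2.*"
PS = frozenset({"pub", "sub"})
cap1 = Cap("Cap#1", "ResourceOwner", "Plant1Manager", PS, True, P)
cap2 = Cap("Cap#2", "Plant1Manager", "Line1Manager", PS, True, P, cap1)
cap3 = Cap("Cap#3", "Line1Manager", "Station2Manager", PS, True, P, cap2)
cap4 = Cap("Cap#4", "Station2Manager", "Station2Worker", frozenset({"sub"}), False, P, cap3)
KEY = "WashingMachineManufacturer.ProductionPlant1.ProductionLine1.Station2.Status"
print(authorize(cap4, "Station2Worker", "sub", KEY))
```

Because each ancestor token is re-checked on every request, a derived token that names a wider pattern or extra rights gains nothing beyond what its issuer held.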
