SlideShare uma empresa Scribd logo

Pragmatic approach to_dds_security_2008

Gerardo Pardo-Castellote
Gerardo Pardo-Castellote

This presentation, given at the 2008 OMG real-time workshop discusses on-going research on the development on a secure DDS solution that can be practically deployed using today’s infrastructure. We will discuss issues such as: (1) The definition of a SE Linux security policy suitable for DDS applications, including an identification of the Linux Objects and operations that must be enabled for DDS to work. (2) The techniques available for deploying DDS on typical WAN environments, including networks that contain NATs. (3) The definition of a pragmatic Role-Based Access Control model to protect DDS Topics and how to enforce the policies using the tools available in the standard PKI. (4) The impact on performance and real-time predictability that these techniques introduce.

TecnologiaNegócios
1 de 40
Baixar para ler offline
Integrating DDS into secure net-centric systems: A pragmatic approach RTESS, Washington DC, July 2008 Ariel Salomon Gerardo Pardo-Castellote, Ph.D. Senior Software Engineer Chief Technology Officer Real-Time Innovations, Inc. Real-Time Innovations, Inc. ariel.salomon@rti.com gerardo@rti.com
Agenda Motivation & Requirements Net-centric approach to DDS Security Proposed DDS Security Model Pragmatic Implementation of Secure Domains – Mandatory Access Control at Transport Layer – Operating System Security Integration – Performance Implications for Real-Time Integrated DDS Security with Role-Based Access Control (RBAC) Additional Concerns Conclusion
Motivation Net-centric systems rely on information sharing… – They are built on top a Shared Information Space or Common- Operational Picture – They assume information availability where and when it is needed As the system scope expands Security/IA becomes a concern – Information flow must be restricted to the intended/authorized recipients – Can no longer assume a single protection domain.
Application Requirements High-level goal: “control and restrict access to information such that it is only accessible to the intended/authorized recipients.” Secondary goals include: – guaranteed access to the information by the authorized users prevent denial of service attacks – audit trails – ensure non-repudiation (guarantee identity of the source of the information) – deployable within the exiting Internet Environment This breaks down into – Functional requirements: Authentication, Confidentiality, Integrity Availability – Non-functional requirements: Manageability, Accountability, Assurance – Deployment requirements: Work in WAN environment, operate across NATs / IPv6 / lossy and bandwidth-constrained channels Work in conjunction with other network security measures
Agenda Motivation & Requirements Net-centric approach to DDS Security Proposed DDS Security Model Pragmatic Implementation of Secure Domains – Mandatory Access Control at Transport Layer – Operating System Security Integration – Performance Implications for Real-Time Integrated DDS Security with RBAC Additional Concerns Conclusion
DDS Communications model Provides a “Global Data Space” that is accessible to all interested applications. – Data objects addressed by Domain, Topic and Key – Subscriptions are decoupled from Publications – Contracts established by means of QoS – Automatic discovery and configuration Participant Participant Pub Pub Track,2 Participant Sub Sub Track,1 Track,3 Global Data Space Participant Pub Participant Alarm Sub
Security Terminology Principals and Subjects – The active entities Principals are the entities that can be granted access control (e.g. the human users) . Subjects are active computer-system entities that bound to principals and operate on their behalf. Subjects perform the actions on the objects. Objects – The passive entities can be accessed or manipulated – e.g. memory, files, sockets, semaphores, etc. Access operations – the actions that can be performed on the objects e.g. read memory, write a message on a socket. Security model – The architecture, concepts, and algorithms used to define the access control restrictions on the objects and the access rights given to principals. – Examples are Mandatory Access Control (MAC), Role-based Access Control (RBAC), Discretionary Access Control (DAC), etc. Security policy – a set of goals, rules, and regulations regarding the access rights to information and objects. – defines what is allowed and what is not allowed within a particular security model. – Examples are the Bell LaPadula model, the Biba model, Chinese Wall, etc.
DDS Domain Separation Discovery records security subject about entities are also security objects DomainParticipant Node Domain1 DR 1 1 DW 1 Instance DR 2 Instance DR 3 DW 2 1 security objects Domain2 DW 3 DR 4 2 DW 4 Instance DR 5 2 Instance DR 6 DW 5 Topic “green” Topic “orange”
DDS communications model Data Domain Data Domain Failed to Participant Reader Participant Writer produce “Circle” Failed to “Circle” data get data Offered Offered Listener QoS Listener QoS Publisher declares information it has and specifies the Topic – and the offered QoS contract – and an associated listener to be alerted of any significant status changes Subscriber declares information it wants and specifies the Topic – and the requested QoS contract – and an associated listener to be alerted of any significant status changes DDS automatically discovers publishers and subscribers – DDS ensures QoS matching and alerts of inconsistencies
DDS access control model Peer credential Not Domain Domain Participant rejected Participant allowed Listener ID not recognize Credential d Credential Security Listener (ID) Plugin (ID) Joining a domain is an access operation Participant A declares credentials (ID) it has to join domain Participant B declares credentials it has to join domain DDS limits discovery – Verify credentials received over discovery, apply security policy – Do not communicate with peers if they do not have proper credentials – Output: Provide notification, audit trail for access failures
DDS access control model Access Access Data Domain denied Domain Writer Participant Participant denied Listener “Circle” Writer not allowed Credential Credential Security Listener (ID) Security Plugin (ID) Plugin Creating a reader or writer is an access operation Participant A declares credentials (ID) it has to join domain, publish data – and creates writer with topic, offered QoS contract, listener, ... Participant B declares credentials it has to join domain, subscribe to data – and creates reader with topic, requested QoS contract, listener, ... DDS limits discovery to allowed publishers and subscribers – Verify credentials received over discovery, apply security policy – Do not communicate with peers if they do not have proper credentials – Output: Provide notification, audit trail for access failures
Agenda Motivation & Requirements Net-centric approach to DDS Security Proposed DDS Security Model Pragmatic Implementation of Secure Domains – Mandatory Access Control at Transport Layer – Operating System Security Integration – Performance Implications for Real-Time Integrated DDS Security with RBAC Additional Concerns Conclusion
Proposed DDS Security Model (Pardo, 2007) The approach is based on two ideas: – Secure Domains – Confidential Topics Secure Domains – Limit each Global Data Space (DDS Domain) to contain information at a single level of security – Only authorized participants are allowed to join a Domain – All domain communications are confidential – All information is accessible to all members of the domain Confidential need-to-know Topics – Within a Global Data Space allow participants to read and write Topics on a “need to know basis” – Separate “right to read” from “right to write” – Each Topic is authorized and protected separately
Confidential DDS Topics The RBAC model applied to DDS Topics Each Topic is assigned a list of “reader roles” and a list of “writer roles”. – ‘reader roles’ are the roles of the principals that can read the Topic – ‘writer roles’ are the roles of principals that can write the Topic Each Participant attached to the Domain is assigned a set of roles. – Write access to the Topic given only to Participants that have a role that appears in the list of “writer roles” for the Topic – Read access to the Topic given only to Participants that have a role that appears in the list of “reader roles” for the Topic – These access operation can be limited in terms of allowed QoS Result: – Limits access to the Topic only to the principals (the DDS Participants) that have the “need to know” for that Topic – A single domain can carry traffic of multiple security levels
Agenda Motivation & Requirements Net-centric approach to DDS Security Proposed DDS Security Model Pragmatic Implementation of Secure Domains – Mandatory Access Control at Transport Layer – Operating System Security Integration – Performance Implications for Real-Time Integrated DDS Security with RBAC Additional Concerns Conclusion
Mandatory Access Control at Transport Layer Use DTLS – datagram flavor of TLS/SSL – TLS/SSL provides a handshake to transfer certificates and establish security context Once verified DTLS establishes secure communications between each pair of participants Also provides integrity from cryptographic hash Disadvantages: – Multicast is not supported – All-or-nothing security
RTI Secure Transport Domain Participant 1 Domain Participant 2 DTLS traffic DTLS handshaking DTLS DTLS handshaking DTLS RTPS discovery Encrypted RTPS RTPS user traffic DDS DDS RTPS Discovery Traffic RTPS User Traffic Application 1 Application 2
Agenda Motivation & Requirements Net-centric approach to DDS Security Proposed DDS Security Model Pragmatic Implementation of Secure Domains – Mandatory Access Control at Transport Layer – Operating System Security Integration – Performance Implications for Real-Time Integrated DDS Security with RBAC Additional Concerns Conclusion
Operating System Security Integration Trusted operating systems (such as SELinux, Trusted Solaris) provide fine-grained access control for system resources: – Network ports – Inter-process communication (IPC) objects These policies can be mapped to the required resources to join a DDS domain – DDS Wire Protocol standard specifies ports used for discovery, default ports for user data – For a configured system, there is a required set of ports and/or IPC objects that must be used to join the domain This requires no changes to DDS, and provides another mechanism for domain separation
Agenda Motivation & Requirements Net-centric approach to DDS Security Proposed DDS Security Model Pragmatic Implementation of Secure Domains – Mandatory Access Control at Transport Layer – Operating System Security Integration – Performance Implications for Real-Time Integrated DDS Security with RBAC Additional Concerns Conclusion
Performance Implications of Security for Real-Time Systems Real-time systems must balance need for security with system constraints: – Mechanisms for security can not introduce lack of availability – Especially a concern for small embedded systems, in which case hardware acceleration may be a necessity Two major classes of cryptographic methods – Symmetric methods relatively efficient, especially with hardware acceleration – Asymmetric cryptographic methods are several orders of magnitude more expensive, but are needed for authentication and non- repudiation DTLS Transport uses both types of cryptographic algorithms – symmetric methods for encryption and message integrity (AES, SHA- 1, etc.) – asymmetric for authentication and key establishment (RSA, DSA, DH)
Performance: Latency Encryption of data transported on Gigabit Ethernet between moderate-performance Linux workstations (2GHz Opteron). 400 350 300 Latency (us) 250 200 150 100 50 0 16 32 64 128 256 512 1024 Data Size (bytes) UDPv4 DTLS Transport (AES128) DTLS Transport (AES256) DTLS Transport (IDEA-CBC)
Performance: Throughput (1kB) Encryption of data transported on Gigabit Ethernet between moderate-performance Linux workstations (2GHz Opteron). 600 500 1kB block size 400 Mb/s 300 200 100 0 UDPv4 DTLS DTLS DTLS Transport Transport Transport (AES128) (AES256) (IDEA-CBC)
Agenda Motivation & Requirements Net-centric approach to DDS Security Proposed DDS Security Model Pragmatic Implementation of Secure Domains – Mandatory Access Control at Transport Layer – Operating System Security Integration – Performance Implications for Real-Time Integrated DDS Security with RBAC Additional Concerns Conclusion
Integrated DDS Security Integrating an access control model into DDS can provide additional benefits – Finer-grained security than above mechanisms – Native DDS mechanisms for notification within application – DDS discovery can be used to bootstrap multicast security mechanisms Role-based access control is a good model for net- centric systems Plugin architecture for secure reference monitor can be used to avoid limiting decisions about access control model, extensibility
Configuring an Application for Secure DDS Domain Participant Credential: Name = Ariel_Rti Public Key = ABCD1234... Credential Security (ID) Security Level = Secret Plugin Roles = Engineer, Staff (signature) When creating participant, specify credentials and policy management plugin (in QoS) DDS checks credentials on entity creation – Return error value DDS checks credentials on discovery match – Event used to notify via listener or waitset – Notification may be sent to peer if allowed by permisions
Notifications Of local application of rules: fail to create – e.g. new return code: DDS_RETCODE_NOT_PERMITTED Of application of rules to discovered entities: events via listener or waitset – on_participant_matched() – on_rejected_credential(ID) – on_access_denied(handle, topic) And existing events – on_subscription_matched() – on_publication_matched()
Role-based Access Control for Domains Access to join domains is mediated by the security plugin – Domains can be used to segregate security levels Roles can be used to limit: – Which users can join a domain – Who can create topics in the domain ROLES: Ariel engineer, staff ; SECRET Gerardo admin, staff ; SECRET Joe user ; UNCLASSIFIED Domain ID Security Level Join Domain roles Create Topic roles 3 Unclassified staff, user, engineer, admin engineer, admin 4 Secret staff, admin admin
Role-based Access Control for Topics Access to topics within a domain can also be mediated by the security plugin Roles can be used to limit who can write/read individual topics ROLES: Ariel engineer, staff ; SECRET Gerardo admin, staff ; SECRET Joe user ; UNCLASSIFIED Domain ID Topic Write roles Read roles 3 Square engineer staff, user 3 Circle admin staff, user 3 Triangle staff engineer
Role-based Access Control for Qos? Access to topics can be parameterized further Roles can be used to limit allowed levels of service to write/read individual topics ROLES: Ariel engineer, staff ; SECRET Gerardo admin, staff ; SECRET Joe user ; UNCLASSIFIED Domain ID Topic Write roles Read roles 3 Square engineer staff [RELIABLE], user [BE only] 3 Circle admin staff [KEEP ALL], user[KEEP LAST 1] 3 Triangle staff engineer
Security Plugin Interface The security plugin can take additional information into account when making access decisions: – QoS policies specified when creating entities – Mandatory content filtering /* domain access control */ bool is_domain_join_permitted(credential, domain, participant_qos); /* within-domain access control */ bool is_topic_create_permitted(credential, domain, topic, topic_qos); bool is_read_permitted(credential, domain, topic, requested_qos, content_filter <inout>); bool is_write_permitted(credential, domain, topic, offer_qos, content_filter <inout>);
DDS Protocol Updates for Security? In addition to integrated access control, protocol updates could provide: – Encapsulated key management protocol – Secure wrapper for DDS submessages Potential benefits – Variable level of security for different topics Confidentiality and/or integrity and source authentication – Use of shared keys to support multicast security
Agenda Motivation & Requirements Net-centric approach to DDS Security Proposed DDS Security Model Pragmatic Implementation of Secure Domains – Mandatory Access Control at Transport Layer – Operating System Security Integration – Performance Implications for Real-Time Integrated DDS Security with RBAC Additional Concerns Conclusion
Additional Concern: Security Policy Management Complex systems require complex security policies Dynamic net-centric systems require dynamic security policies Authorization management for complex, dynamic net- centric systems needs to be agile for effective update when the system changes Recommendation: Model-Based Security Benefits – Cost savings – Enabled agility (growth, re-use) Ulrich Lang, Ph.D. – Improved security Chief Executive Officer ObjectSecurity LLC ulrich.lang@objectsecurity.com
Op e n TM P MF 2 . 0 Solution: OpenPMF 2.0 Model Driven Security Management Specify security requirements in abstract models Generate enforceable security policies automatically Protect & monitor applications automatically, e.g. for SOA
Op e n TM Solution: OpenPMF 2.0 P MF 2 . 0 Model Driven Security Management Model-driven security management product Mainstream within 5 years (Gartner) Benefits Align business and IT security Cost saving Enable IT agility (+ growth) Improved security OpenPMF 2.0 for DDS Specify fine-grained, customizable authorization rules for DDS Governs information flows between DDS publishers and subscribers Related to XACML architecture, but with model-driven security support Next steps: Extend model-driven security management support for DDS www.openpmf.com – www.modeldrivensecurity.org – www.objectsecurity.com
Op e n TM P MF 2 . 0 Model Driven Security Management OpenPMF 2.0 Model-Driven Security Example Example: HIPAA healthcare regulatory requirement Security requirements mapped from EA layer of abstraction… …via fine-grained machine- enforceable authorization rules (OpenPMF PDL, XACML) … …to automatic run-time authorization enforcement of information flows (fine-grained, policy-driven, context-aware, content-aware etc.) www.modeldrivensecurity.org
Additional Concern: Wide-Area Network (WAN) Support Requirements – Integrate DDS peers across more complex network configurations – Provide secure communication over WAN Possible forms of solution – WAN Transport architecture using NAT traversal protocols directly between peers – WAN Router architecture using statically configured proxy applications In both cases, access control mechanisms must be used to avoid introducing vulnerabilities
Additional Concern: OS Mechanisms for Multiple Levels of Security (MLS) Partitioned operating systems or hypervisors can provide multiple virtual machines each running at different security levels If each partition can separately configure the allowed set of ports or IPC objects, DDS access can be segregated by security level Partitioned CPU and memory resources can provide additional protection against denial-of-service due to a badly behaved component at a lower security level These operating system mechanisms can be used to compartmentalize systems with more complex management of security policies
Conclusion Security and Information Assurance is critical for net- centric systems as system scope expands – Systems getting more complex, more interconnected – More avenues of attack Today: Mechanisms exist for coarse levels of access control to critical data in DDS systems – Secure transport (DTLS) – Secure operating systems Future: Integrated DDS security will meet needs of systems as complexity increases – Fine-grained access control, scalable mechanisms – Capabilities to manage, control, and provide assurance

Recomendados

DDS Security
DDS SecurityDDS Security
DDS Security
Angelo Corsaro
 
Iss lecture 5
Iss lecture 5Iss lecture 5
Iss lecture 5
Ali Habeeb
 
280 284
280 284280 284
280 284
Editor IJARCET
 
Jq3417501753
Jq3417501753Jq3417501753
Jq3417501753
IJERA Editor
 
IJSRED-V2I1P29
IJSRED-V2I1P29IJSRED-V2I1P29
IJSRED-V2I1P29
IJSRED
 
Week3 lecture
Week3 lectureWeek3 lecture
Week3 lecture
Shaikha AlQaydi
 
IRJET- Data Leakage Detection using Cloud Computing
IRJET- Data Leakage Detection using Cloud ComputingIRJET- Data Leakage Detection using Cloud Computing
IRJET- Data Leakage Detection using Cloud Computing
IRJET Journal
 
Sabett: ESRA Identity Management 11-09-10
Sabett: ESRA Identity Management 11-09-10Sabett: ESRA Identity Management 11-09-10
Sabett: ESRA Identity Management 11-09-10
Electronic Signature & Records Association
 

Recomendados

DDS Security
DDS SecurityDDS Security
DDS Security
Angelo Corsaro
 
Iss lecture 5
Iss lecture 5Iss lecture 5
Iss lecture 5
Ali Habeeb
 
280 284
280 284280 284
280 284
Editor IJARCET
 
Jq3417501753
Jq3417501753Jq3417501753
Jq3417501753
IJERA Editor
 
IJSRED-V2I1P29
IJSRED-V2I1P29IJSRED-V2I1P29
IJSRED-V2I1P29
IJSRED
 
Week3 lecture
Week3 lectureWeek3 lecture
Week3 lecture
Shaikha AlQaydi
 
IRJET- Data Leakage Detection using Cloud Computing
IRJET- Data Leakage Detection using Cloud ComputingIRJET- Data Leakage Detection using Cloud Computing
IRJET- Data Leakage Detection using Cloud Computing
IRJET Journal
 
Sabett: ESRA Identity Management 11-09-10
Sabett: ESRA Identity Management 11-09-10Sabett: ESRA Identity Management 11-09-10
Sabett: ESRA Identity Management 11-09-10
Electronic Signature & Records Association
 
HACBPS: A Hierarchical Access Control- Based Proxy Signature
HACBPS: A Hierarchical Access Control- Based Proxy SignatureHACBPS: A Hierarchical Access Control- Based Proxy Signature
HACBPS: A Hierarchical Access Control- Based Proxy Signature
IDES Editor
 
Digital Watermarking
Digital WatermarkingDigital Watermarking
Digital Watermarking
Agrani Rastogi
 
digital-water-marking-created-by-subrat&rubi
digital-water-marking-created-by-subrat&rubidigital-water-marking-created-by-subrat&rubi
digital-water-marking-created-by-subrat&rubi
mishrasubrat
 
Digitalwatermarking
DigitalwatermarkingDigitalwatermarking
Digitalwatermarking
Sej Visawadia
 
Soc july-2012-dmitri-botvich
Soc july-2012-dmitri-botvichSoc july-2012-dmitri-botvich
Soc july-2012-dmitri-botvich
Aniketos EU FP7 Project
 
DIDAR: Database Intrusion Detection with Automated Recovery
DIDAR: Database Intrusion Detection with Automated RecoveryDIDAR: Database Intrusion Detection with Automated Recovery
DIDAR: Database Intrusion Detection with Automated Recovery
Asankhaya Sharma
 
DDS Security Specification (Adopted Beta1 June 2014)
DDS Security Specification (Adopted Beta1 June 2014)DDS Security Specification (Adopted Beta1 June 2014)
DDS Security Specification (Adopted Beta1 June 2014)
Gerardo Pardo-Castellote
 
OMG DDS Security Specification - 4th revised submission document
OMG DDS Security Specification - 4th revised submission documentOMG DDS Security Specification - 4th revised submission document
OMG DDS Security Specification - 4th revised submission document
Gerardo Pardo-Castellote
 
OMG Application Instrumentation Specification
OMG Application Instrumentation SpecificationOMG Application Instrumentation Specification
OMG Application Instrumentation Specification
Gerardo Pardo-Castellote
 
DDS Interoperability Demo using the DDS-RTPS standard protocol 2010
DDS Interoperability Demo using the DDS-RTPS standard protocol 2010DDS Interoperability Demo using the DDS-RTPS standard protocol 2010
DDS Interoperability Demo using the DDS-RTPS standard protocol 2010
Gerardo Pardo-Castellote
 
Rpc over-dds-rti-e prosima-twinoaks-submission-v5
Rpc over-dds-rti-e prosima-twinoaks-submission-v5Rpc over-dds-rti-e prosima-twinoaks-submission-v5
Rpc over-dds-rti-e prosima-twinoaks-submission-v5
Gerardo Pardo-Castellote
 
OMG DDS Security Draft Specification - June 2013 revised submission document
OMG DDS Security Draft Specification - June 2013 revised submission documentOMG DDS Security Draft Specification - June 2013 revised submission document
OMG DDS Security Draft Specification - June 2013 revised submission document
Gerardo Pardo-Castellote
 
RTI/Cisco response to the OMG Software Defined Networks (SDN) RFI
RTI/Cisco response to the OMG Software Defined Networks (SDN) RFIRTI/Cisco response to the OMG Software Defined Networks (SDN) RFI
RTI/Cisco response to the OMG Software Defined Networks (SDN) RFI
Gerardo Pardo-Castellote
 
Industrial IOT Data Connectivity Standard
Industrial IOT Data Connectivity StandardIndustrial IOT Data Connectivity Standard
Industrial IOT Data Connectivity Standard
Gerardo Pardo-Castellote
 
DDS - The Proven Data Connectivity Standard for the Industrial IoT (IIoT)
DDS - The Proven Data Connectivity Standard for the Industrial IoT (IIoT)DDS - The Proven Data Connectivity Standard for the Industrial IoT (IIoT)
DDS - The Proven Data Connectivity Standard for the Industrial IoT (IIoT)
Gerardo Pardo-Castellote
 
Standardizing the Data Distribution Service (DDS) API for Modern C++
Standardizing the Data Distribution Service (DDS) API for Modern C++Standardizing the Data Distribution Service (DDS) API for Modern C++
Standardizing the Data Distribution Service (DDS) API for Modern C++
Sumant Tambe
 
DDS Security for the Industrial Internet - London Connext DDS Conference
DDS Security for the Industrial Internet - London Connext DDS ConferenceDDS Security for the Industrial Internet - London Connext DDS Conference
DDS Security for the Industrial Internet - London Connext DDS Conference
Gerardo Pardo-Castellote
 
OMG Data-Distribution Service Security
OMG Data-Distribution Service SecurityOMG Data-Distribution Service Security
OMG Data-Distribution Service Security
Gerardo Pardo-Castellote
 
Top Three Reasons to Develop Your Next Distributed Application with DDS
Top Three Reasons to Develop Your Next Distributed Application with DDSTop Three Reasons to Develop Your Next Distributed Application with DDS
Top Three Reasons to Develop Your Next Distributed Application with DDS
Real-Time Innovations (RTI)
 
Private cloud day session 5 a solution for private cloud security
Private cloud day session 5 a solution for private cloud securityPrivate cloud day session 5 a solution for private cloud security
Private cloud day session 5 a solution for private cloud security
Microsoft TechNet - Belgium and Luxembourg
 
DDS: The IoT Data Sharing Standard
DDS: The IoT Data Sharing StandardDDS: The IoT Data Sharing Standard
DDS: The IoT Data Sharing Standard
Angelo Corsaro
 
DDS Security: A Security Model Suitable for Net-Centric for Pub-Sub and Data ...
DDS Security: A Security Model Suitable for Net-Centric for Pub-Sub and Data ...DDS Security: A Security Model Suitable for Net-Centric for Pub-Sub and Data ...
DDS Security: A Security Model Suitable for Net-Centric for Pub-Sub and Data ...
Gerardo Pardo-Castellote
 

Mais conteúdo relacionado

Mais procurados

HACBPS: A Hierarchical Access Control- Based Proxy Signature
HACBPS: A Hierarchical Access Control- Based Proxy SignatureHACBPS: A Hierarchical Access Control- Based Proxy Signature
HACBPS: A Hierarchical Access Control- Based Proxy Signature
IDES Editor
 
DIDAR: Database Intrusion Detection with Automated Recovery
DIDAR: Database Intrusion Detection with Automated RecoveryDIDAR: Database Intrusion Detection with Automated Recovery
DIDAR: Database Intrusion Detection with Automated Recovery
Asankhaya Sharma
 

Mais procurados (6)

HACBPS: A Hierarchical Access Control- Based Proxy Signature
HACBPS: A Hierarchical Access Control- Based Proxy SignatureHACBPS: A Hierarchical Access Control- Based Proxy Signature
HACBPS: A Hierarchical Access Control- Based Proxy Signature
 
Digital Watermarking
Digital WatermarkingDigital Watermarking
Digital Watermarking
 
digital-water-marking-created-by-subrat&rubi
digital-water-marking-created-by-subrat&rubidigital-water-marking-created-by-subrat&rubi
digital-water-marking-created-by-subrat&rubi
 
Digitalwatermarking
DigitalwatermarkingDigitalwatermarking
Digitalwatermarking
 
Soc july-2012-dmitri-botvich
Soc july-2012-dmitri-botvichSoc july-2012-dmitri-botvich
Soc july-2012-dmitri-botvich
 
DIDAR: Database Intrusion Detection with Automated Recovery
DIDAR: Database Intrusion Detection with Automated RecoveryDIDAR: Database Intrusion Detection with Automated Recovery
DIDAR: Database Intrusion Detection with Automated Recovery
 

Destaque

RTI/Cisco response to the OMG Software Defined Networks (SDN) RFI
RTI/Cisco response to the OMG Software Defined Networks (SDN) RFIRTI/Cisco response to the OMG Software Defined Networks (SDN) RFI
RTI/Cisco response to the OMG Software Defined Networks (SDN) RFI
Gerardo Pardo-Castellote
 
Industrial IOT Data Connectivity Standard
Industrial IOT Data Connectivity StandardIndustrial IOT Data Connectivity Standard
Industrial IOT Data Connectivity Standard
Gerardo Pardo-Castellote
 
DDS - The Proven Data Connectivity Standard for the Industrial IoT (IIoT)
DDS - The Proven Data Connectivity Standard for the Industrial IoT (IIoT)DDS - The Proven Data Connectivity Standard for the Industrial IoT (IIoT)
DDS - The Proven Data Connectivity Standard for the Industrial IoT (IIoT)
Gerardo Pardo-Castellote
 

Destaque (9)

DDS Security Specification (Adopted Beta1 June 2014)
DDS Security Specification (Adopted Beta1 June 2014)DDS Security Specification (Adopted Beta1 June 2014)
DDS Security Specification (Adopted Beta1 June 2014)
 
OMG DDS Security Specification - 4th revised submission document
OMG DDS Security Specification - 4th revised submission documentOMG DDS Security Specification - 4th revised submission document
OMG DDS Security Specification - 4th revised submission document
 
OMG Application Instrumentation Specification
OMG Application Instrumentation SpecificationOMG Application Instrumentation Specification
OMG Application Instrumentation Specification
 
DDS Interoperability Demo using the DDS-RTPS standard protocol 2010
DDS Interoperability Demo using the DDS-RTPS standard protocol 2010DDS Interoperability Demo using the DDS-RTPS standard protocol 2010
DDS Interoperability Demo using the DDS-RTPS standard protocol 2010
 
Rpc over-dds-rti-e prosima-twinoaks-submission-v5
Rpc over-dds-rti-e prosima-twinoaks-submission-v5Rpc over-dds-rti-e prosima-twinoaks-submission-v5
Rpc over-dds-rti-e prosima-twinoaks-submission-v5
 
OMG DDS Security Draft Specification - June 2013 revised submission document
OMG DDS Security Draft Specification - June 2013 revised submission documentOMG DDS Security Draft Specification - June 2013 revised submission document
OMG DDS Security Draft Specification - June 2013 revised submission document
 
RTI/Cisco response to the OMG Software Defined Networks (SDN) RFI
RTI/Cisco response to the OMG Software Defined Networks (SDN) RFIRTI/Cisco response to the OMG Software Defined Networks (SDN) RFI
RTI/Cisco response to the OMG Software Defined Networks (SDN) RFI
 
Industrial IOT Data Connectivity Standard
Industrial IOT Data Connectivity StandardIndustrial IOT Data Connectivity Standard
Industrial IOT Data Connectivity Standard
 
DDS - The Proven Data Connectivity Standard for the Industrial IoT (IIoT)
DDS - The Proven Data Connectivity Standard for the Industrial IoT (IIoT)DDS - The Proven Data Connectivity Standard for the Industrial IoT (IIoT)
DDS - The Proven Data Connectivity Standard for the Industrial IoT (IIoT)
 

Semelhante a Pragmatic approach to_dds_security_2008

Standardizing the Data Distribution Service (DDS) API for Modern C++
Standardizing the Data Distribution Service (DDS) API for Modern C++Standardizing the Data Distribution Service (DDS) API for Modern C++
Standardizing the Data Distribution Service (DDS) API for Modern C++
Sumant Tambe
 
Top Three Reasons to Develop Your Next Distributed Application with DDS
Top Three Reasons to Develop Your Next Distributed Application with DDSTop Three Reasons to Develop Your Next Distributed Application with DDS
Top Three Reasons to Develop Your Next Distributed Application with DDS
Real-Time Innovations (RTI)
 
OSS Presentation Keynote by Hal Stern
OSS Presentation Keynote by Hal SternOSS Presentation Keynote by Hal Stern
OSS Presentation Keynote by Hal Stern
OpenStorageSummit
 
Forecast 2012 Panel: Security POC NAB, Terremark, Trapezoid
Forecast 2012 Panel: Security POC NAB, Terremark, TrapezoidForecast 2012 Panel: Security POC NAB, Terremark, Trapezoid
Forecast 2012 Panel: Security POC NAB, Terremark, Trapezoid
Open Data Center Alliance
 
Active directory ds ws2008 r2
Active directory ds ws2008 r2Active directory ds ws2008 r2
Active directory ds ws2008 r2
MICTT Palma
 

Semelhante a Pragmatic approach to_dds_security_2008 (20)

Standardizing the Data Distribution Service (DDS) API for Modern C++
Standardizing the Data Distribution Service (DDS) API for Modern C++Standardizing the Data Distribution Service (DDS) API for Modern C++
Standardizing the Data Distribution Service (DDS) API for Modern C++
 
DDS Security for the Industrial Internet - London Connext DDS Conference
DDS Security for the Industrial Internet - London Connext DDS ConferenceDDS Security for the Industrial Internet - London Connext DDS Conference
DDS Security for the Industrial Internet - London Connext DDS Conference
 
OMG Data-Distribution Service Security
OMG Data-Distribution Service SecurityOMG Data-Distribution Service Security
OMG Data-Distribution Service Security
 
Top Three Reasons to Develop Your Next Distributed Application with DDS
Top Three Reasons to Develop Your Next Distributed Application with DDSTop Three Reasons to Develop Your Next Distributed Application with DDS
Top Three Reasons to Develop Your Next Distributed Application with DDS
 
Private cloud day session 5 a solution for private cloud security
Private cloud day session 5 a solution for private cloud securityPrivate cloud day session 5 a solution for private cloud security
Private cloud day session 5 a solution for private cloud security
 
DDS: The IoT Data Sharing Standard
DDS: The IoT Data Sharing StandardDDS: The IoT Data Sharing Standard
DDS: The IoT Data Sharing Standard
 
DDS Security: A Security Model Suitable for Net-Centric for Pub-Sub and Data ...
DDS Security: A Security Model Suitable for Net-Centric for Pub-Sub and Data ...DDS Security: A Security Model Suitable for Net-Centric for Pub-Sub and Data ...
DDS Security: A Security Model Suitable for Net-Centric for Pub-Sub and Data ...
 
Decentralisation and knowledge graphs
Decentralisation and knowledge graphs Decentralisation and knowledge graphs
Decentralisation and knowledge graphs
 
OSS Presentation Keynote by Hal Stern
OSS Presentation Keynote by Hal SternOSS Presentation Keynote by Hal Stern
OSS Presentation Keynote by Hal Stern
 
DDS Security
DDS SecurityDDS Security
DDS Security
 
UML Profile for DDS
UML Profile for DDSUML Profile for DDS
UML Profile for DDS
 
Android Binder: Deep Dive
Android Binder: Deep DiveAndroid Binder: Deep Dive
Android Binder: Deep Dive
 
Thick Application Penetration Testing: Crash Course
Thick Application Penetration Testing: Crash CourseThick Application Penetration Testing: Crash Course
Thick Application Penetration Testing: Crash Course
 
Unit 08: Security for Web Applications
Unit 08: Security for Web ApplicationsUnit 08: Security for Web Applications
Unit 08: Security for Web Applications
 
Forecast 2012 Panel: Security POC NAB, Terremark, Trapezoid
Forecast 2012 Panel: Security POC NAB, Terremark, TrapezoidForecast 2012 Panel: Security POC NAB, Terremark, Trapezoid
Forecast 2012 Panel: Security POC NAB, Terremark, Trapezoid
 
Security and LDAP integration in InduSoft Web Studio
Security and LDAP integration in InduSoft Web StudioSecurity and LDAP integration in InduSoft Web Studio
Security and LDAP integration in InduSoft Web Studio
 
Cloud Breach - Forensics Audit Planning
Cloud Breach - Forensics Audit PlanningCloud Breach - Forensics Audit Planning
Cloud Breach - Forensics Audit Planning
 
Enterprise Strategy for Cloud Security
Enterprise Strategy for Cloud SecurityEnterprise Strategy for Cloud Security
Enterprise Strategy for Cloud Security
 
Stream Processing with DDS and CEP
Stream Processing with DDS and CEPStream Processing with DDS and CEP
Stream Processing with DDS and CEP
 
Active directory ds ws2008 r2
Active directory ds ws2008 r2Active directory ds ws2008 r2
Active directory ds ws2008 r2
 

Mais de Gerardo Pardo-Castellote

DDS, the US Navy, and the Need for Distributed Software
DDS, the US Navy, and the Need for Distributed SoftwareDDS, the US Navy, and the Need for Distributed Software
DDS, the US Navy, and the Need for Distributed Software
Gerardo Pardo-Castellote
 
DDS-TSN OMG Request for Proposals (RFP)
DDS-TSN OMG Request for Proposals (RFP)DDS-TSN OMG Request for Proposals (RFP)
DDS-TSN OMG Request for Proposals (RFP)
Gerardo Pardo-Castellote
 
A Converged Approach to Standards for Industrial Automation
A Converged Approach to Standards for Industrial AutomationA Converged Approach to Standards for Industrial Automation
A Converged Approach to Standards for Industrial Automation
Gerardo Pardo-Castellote
 
Applying MBSE to the Industrial IoT: Using SysML with Connext DDS and Simulink
Applying MBSE to the Industrial IoT: Using SysML with Connext DDS and SimulinkApplying MBSE to the Industrial IoT: Using SysML with Connext DDS and Simulink
Applying MBSE to the Industrial IoT: Using SysML with Connext DDS and Simulink
Gerardo Pardo-Castellote
 
Deep Dive into the OPC UA / DDS Gateway Specification
Deep Dive into the OPC UA / DDS Gateway SpecificationDeep Dive into the OPC UA / DDS Gateway Specification
Deep Dive into the OPC UA / DDS Gateway Specification
Gerardo Pardo-Castellote
 
OPC UA/DDS Gateway version 1.0 Beta
OPC UA/DDS Gateway version 1.0 BetaOPC UA/DDS Gateway version 1.0 Beta
OPC UA/DDS Gateway version 1.0 Beta
Gerardo Pardo-Castellote
 
Extensible Types for DDS (DDS-XTYPES) version 1.2
Extensible Types for DDS (DDS-XTYPES) version 1.2Extensible Types for DDS (DDS-XTYPES) version 1.2
Extensible Types for DDS (DDS-XTYPES) version 1.2
Gerardo Pardo-Castellote
 
DDS-Security version 1.1
DDS-Security version 1.1DDS-Security version 1.1
DDS-Security version 1.1
Gerardo Pardo-Castellote
 
DDS Security Specification version 1.0
DDS Security Specification version 1.0DDS Security Specification version 1.0
DDS Security Specification version 1.0
Gerardo Pardo-Castellote
 
Using DDS to Secure the Industrial Internet of Things (IIoT)
Using DDS to Secure the Industrial Internet of Things (IIoT)Using DDS to Secure the Industrial Internet of Things (IIoT)
Using DDS to Secure the Industrial Internet of Things (IIoT)
Gerardo Pardo-Castellote
 

Mais de Gerardo Pardo-Castellote (20)

DDS, the US Navy, and the Need for Distributed Software
DDS, the US Navy, and the Need for Distributed SoftwareDDS, the US Navy, and the Need for Distributed Software
DDS, the US Navy, and the Need for Distributed Software
 
Introduction to DDS: Context, Information Model, Security, and Applications.
Introduction to DDS: Context, Information Model, Security, and Applications.Introduction to DDS: Context, Information Model, Security, and Applications.
Introduction to DDS: Context, Information Model, Security, and Applications.
 
DDS-TSN OMG Request for Proposals (RFP)
DDS-TSN OMG Request for Proposals (RFP)DDS-TSN OMG Request for Proposals (RFP)
DDS-TSN OMG Request for Proposals (RFP)
 
A Converged Approach to Standards for Industrial Automation
A Converged Approach to Standards for Industrial AutomationA Converged Approach to Standards for Industrial Automation
A Converged Approach to Standards for Industrial Automation
 
Overview of the DDS-XRCE specification
Overview of the DDS-XRCE specificationOverview of the DDS-XRCE specification
Overview of the DDS-XRCE specification
 
DDS-Security Interoperability Demo - March 2018
DDS-Security Interoperability Demo - March 2018DDS-Security Interoperability Demo - March 2018
DDS-Security Interoperability Demo - March 2018
 
Applying MBSE to the Industrial IoT: Using SysML with Connext DDS and Simulink
Applying MBSE to the Industrial IoT: Using SysML with Connext DDS and SimulinkApplying MBSE to the Industrial IoT: Using SysML with Connext DDS and Simulink
Applying MBSE to the Industrial IoT: Using SysML with Connext DDS and Simulink
 
Deep Dive into the OPC UA / DDS Gateway Specification
Deep Dive into the OPC UA / DDS Gateway SpecificationDeep Dive into the OPC UA / DDS Gateway Specification
Deep Dive into the OPC UA / DDS Gateway Specification
 
OPC UA/DDS Gateway version 1.0 Beta
OPC UA/DDS Gateway version 1.0 BetaOPC UA/DDS Gateway version 1.0 Beta
OPC UA/DDS Gateway version 1.0 Beta
 
DDS for eXtremely Resource Constrained Environments 1.0 Beta
DDS for eXtremely Resource Constrained Environments 1.0 BetaDDS for eXtremely Resource Constrained Environments 1.0 Beta
DDS for eXtremely Resource Constrained Environments 1.0 Beta
 
DDS-Security Interoperability Demo - December 2017
DDS-Security Interoperability Demo - December 2017DDS-Security Interoperability Demo - December 2017
DDS-Security Interoperability Demo - December 2017
 
DDS-Security Interoperability Demo - September 2017
DDS-Security Interoperability Demo - September 2017DDS-Security Interoperability Demo - September 2017
DDS-Security Interoperability Demo - September 2017
 
Extensible Types for DDS (DDS-XTYPES) version 1.2
Extensible Types for DDS (DDS-XTYPES) version 1.2Extensible Types for DDS (DDS-XTYPES) version 1.2
Extensible Types for DDS (DDS-XTYPES) version 1.2
 
DDS-Security version 1.1
DDS-Security version 1.1DDS-Security version 1.1
DDS-Security version 1.1
 
Interface Definition Language (IDL) version 4.2
Interface Definition Language (IDL) version 4.2 Interface Definition Language (IDL) version 4.2
Interface Definition Language (IDL) version 4.2
 
DDS Security Specification version 1.0
DDS Security Specification version 1.0DDS Security Specification version 1.0
DDS Security Specification version 1.0
 
DDS for eXtremely Resource Constrained Environments
DDS for eXtremely Resource Constrained EnvironmentsDDS for eXtremely Resource Constrained Environments
DDS for eXtremely Resource Constrained Environments
 
DDS-XRCE - Revised Submission Presentation (September 2017)
DDS-XRCE - Revised Submission Presentation (September 2017)DDS-XRCE - Revised Submission Presentation (September 2017)
DDS-XRCE - Revised Submission Presentation (September 2017)
 
DDS-XRCE (Extremely Resource Constrained Environments)
DDS-XRCE (Extremely Resource Constrained Environments)DDS-XRCE (Extremely Resource Constrained Environments)
DDS-XRCE (Extremely Resource Constrained Environments)
 
Using DDS to Secure the Industrial Internet of Things (IIoT)
Using DDS to Secure the Industrial Internet of Things (IIoT)Using DDS to Secure the Industrial Internet of Things (IIoT)
Using DDS to Secure the Industrial Internet of Things (IIoT)
 

Último

EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
Earley Information Science
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
Malak Abu Hammad
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
Principled Technologies
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
Delhi Call girls
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
Delhi Call girls
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
Delhi Call girls
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
Enterprise Knowledge
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
Igalia
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
Delhi Call girls
 

Último (20)

Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your Business
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 

Pragmatic approach to_dds_security_2008

  • 1. Integrating DDS into secure net-centric systems: A pragmatic approach RTESS, Washington DC, July 2008 Ariel Salomon Gerardo Pardo-Castellote, Ph.D. Senior Software Engineer Chief Technology Officer Real-Time Innovations, Inc. Real-Time Innovations, Inc. ariel.salomon@rti.com gerardo@rti.com
  • 2. Agenda Motivation & Requirements Net-centric approach to DDS Security Proposed DDS Security Model Pragmatic Implementation of Secure Domains – Mandatory Access Control at Transport Layer – Operating System Security Integration – Performance Implications for Real-Time Integrated DDS Security with Role-Based Access Control (RBAC) Additional Concerns Conclusion
  • 3. Motivation Net-centric systems rely on information sharing… – They are built on top a Shared Information Space or Common- Operational Picture – They assume information availability where and when it is needed As the system scope expands Security/IA becomes a concern – Information flow must be restricted to the intended/authorized recipients – Can no longer assume a single protection domain.
  • 4. Application Requirements High-level goal: “control and restrict access to information such that it is only accessible to the intended/authorized recipients.” Secondary goals include: – guaranteed access to the information by the authorized users prevent denial of service attacks – audit trails – ensure non-repudiation (guarantee identity of the source of the information) – deployable within the exiting Internet Environment This breaks down into – Functional requirements: Authentication, Confidentiality, Integrity Availability – Non-functional requirements: Manageability, Accountability, Assurance – Deployment requirements: Work in WAN environment, operate across NATs / IPv6 / lossy and bandwidth-constrained channels Work in conjunction with other network security measures
  • 5. Agenda Motivation & Requirements Net-centric approach to DDS Security Proposed DDS Security Model Pragmatic Implementation of Secure Domains – Mandatory Access Control at Transport Layer – Operating System Security Integration – Performance Implications for Real-Time Integrated DDS Security with RBAC Additional Concerns Conclusion
  • 6. DDS Communications model Provides a “Global Data Space” that is accessible to all interested applications. – Data objects addressed by Domain, Topic and Key – Subscriptions are decoupled from Publications – Contracts established by means of QoS – Automatic discovery and configuration Participant Participant Pub Pub Track,2 Participant Sub Sub Track,1 Track,3 Global Data Space Participant Pub Participant Alarm Sub
  • 7. Security Terminology Principals and Subjects – The active entities Principals are the entities that can be granted access control (e.g. the human users) . Subjects are active computer-system entities that bound to principals and operate on their behalf. Subjects perform the actions on the objects. Objects – The passive entities can be accessed or manipulated – e.g. memory, files, sockets, semaphores, etc. Access operations – the actions that can be performed on the objects e.g. read memory, write a message on a socket. Security model – The architecture, concepts, and algorithms used to define the access control restrictions on the objects and the access rights given to principals. – Examples are Mandatory Access Control (MAC), Role-based Access Control (RBAC), Discretionary Access Control (DAC), etc. Security policy – a set of goals, rules, and regulations regarding the access rights to information and objects. – defines what is allowed and what is not allowed within a particular security model. – Examples are the Bell LaPadula model, the Biba model, Chinese Wall, etc.
  • 8. DDS Domain Separation Discovery records security subject about entities are also security objects DomainParticipant Node Domain1 DR 1 1 DW 1 Instance DR 2 Instance DR 3 DW 2 1 security objects Domain2 DW 3 DR 4 2 DW 4 Instance DR 5 2 Instance DR 6 DW 5 Topic “green” Topic “orange”
  • 9. DDS communications model Data Domain Data Domain Failed to Participant Reader Participant Writer produce “Circle” Failed to “Circle” data get data Offered Offered Listener QoS Listener QoS Publisher declares information it has and specifies the Topic – and the offered QoS contract – and an associated listener to be alerted of any significant status changes Subscriber declares information it wants and specifies the Topic – and the requested QoS contract – and an associated listener to be alerted of any significant status changes DDS automatically discovers publishers and subscribers – DDS ensures QoS matching and alerts of inconsistencies
  • 10. DDS access control model Peer credential Not Domain Domain Participant rejected Participant allowed Listener ID not recognize Credential d Credential Security Listener (ID) Plugin (ID) Joining a domain is an access operation Participant A declares credentials (ID) it has to join domain Participant B declares credentials it has to join domain DDS limits discovery – Verify credentials received over discovery, apply security policy – Do not communicate with peers if they do not have proper credentials – Output: Provide notification, audit trail for access failures
  • 11. DDS access control model Access Access Data Domain denied Domain Writer Participant Participant denied Listener “Circle” Writer not allowed Credential Credential Security Listener (ID) Security Plugin (ID) Plugin Creating a reader or writer is an access operation Participant A declares credentials (ID) it has to join domain, publish data – and creates writer with topic, offered QoS contract, listener, ... Participant B declares credentials it has to join domain, subscribe to data – and creates reader with topic, requested QoS contract, listener, ... DDS limits discovery to allowed publishers and subscribers – Verify credentials received over discovery, apply security policy – Do not communicate with peers if they do not have proper credentials – Output: Provide notification, audit trail for access failures
  • 12. Agenda Motivation & Requirements Net-centric approach to DDS Security Proposed DDS Security Model Pragmatic Implementation of Secure Domains – Mandatory Access Control at Transport Layer – Operating System Security Integration – Performance Implications for Real-Time Integrated DDS Security with RBAC Additional Concerns Conclusion
  • 13. Proposed DDS Security Model (Pardo, 2007) The approach is based on two ideas: – Secure Domains – Confidential Topics Secure Domains – Limit each Global Data Space (DDS Domain) to contain information at a single level of security – Only authorized participants are allowed to join a Domain – All domain communications are confidential – All information is accessible to all members of the domain Confidential need-to-know Topics – Within a Global Data Space allow participants to read and write Topics on a “need to know basis” – Separate “right to read” from “right to write” – Each Topic is authorized and protected separately
  • 14. Confidential DDS Topics The RBAC model applied to DDS Topics Each Topic is assigned a list of “reader roles” and a list of “writer roles”. – ‘reader roles’ are the roles of the principals that can read the Topic – ‘writer roles’ are the roles of principals that can write the Topic Each Participant attached to the Domain is assigned a set of roles. – Write access to the Topic given only to Participants that have a role that appears in the list of “writer roles” for the Topic – Read access to the Topic given only to Participants that have a role that appears in the list of “reader roles” for the Topic – These access operation can be limited in terms of allowed QoS Result: – Limits access to the Topic only to the principals (the DDS Participants) that have the “need to know” for that Topic – A single domain can carry traffic of multiple security levels
  • 15. Agenda Motivation & Requirements Net-centric approach to DDS Security Proposed DDS Security Model Pragmatic Implementation of Secure Domains – Mandatory Access Control at Transport Layer – Operating System Security Integration – Performance Implications for Real-Time Integrated DDS Security with RBAC Additional Concerns Conclusion
  • 16. Mandatory Access Control at Transport Layer Use DTLS – datagram flavor of TLS/SSL – TLS/SSL provides a handshake to transfer certificates and establish security context Once verified DTLS establishes secure communications between each pair of participants Also provides integrity from cryptographic hash Disadvantages: – Multicast is not supported – All-or-nothing security
  • 17. RTI Secure Transport Domain Participant 1 Domain Participant 2 DTLS traffic DTLS handshaking DTLS DTLS handshaking DTLS RTPS discovery Encrypted RTPS RTPS user traffic DDS DDS RTPS Discovery Traffic RTPS User Traffic Application 1 Application 2
  • 18. Agenda Motivation & Requirements Net-centric approach to DDS Security Proposed DDS Security Model Pragmatic Implementation of Secure Domains – Mandatory Access Control at Transport Layer – Operating System Security Integration – Performance Implications for Real-Time Integrated DDS Security with RBAC Additional Concerns Conclusion
  • 19. Operating System Security Integration Trusted operating systems (such as SELinux, Trusted Solaris) provide fine-grained access control for system resources: – Network ports – Inter-process communication (IPC) objects These policies can be mapped to the required resources to join a DDS domain – DDS Wire Protocol standard specifies ports used for discovery, default ports for user data – For a configured system, there is a required set of ports and/or IPC objects that must be used to join the domain This requires no changes to DDS, and provides another mechanism for domain separation
  • 20. Agenda Motivation & Requirements Net-centric approach to DDS Security Proposed DDS Security Model Pragmatic Implementation of Secure Domains – Mandatory Access Control at Transport Layer – Operating System Security Integration – Performance Implications for Real-Time Integrated DDS Security with RBAC Additional Concerns Conclusion
  • 21. Performance Implications of Security for Real-Time Systems Real-time systems must balance need for security with system constraints: – Mechanisms for security can not introduce lack of availability – Especially a concern for small embedded systems, in which case hardware acceleration may be a necessity Two major classes of cryptographic methods – Symmetric methods relatively efficient, especially with hardware acceleration – Asymmetric cryptographic methods are several orders of magnitude more expensive, but are needed for authentication and non- repudiation DTLS Transport uses both types of cryptographic algorithms – symmetric methods for encryption and message integrity (AES, SHA- 1, etc.) – asymmetric for authentication and key establishment (RSA, DSA, DH)
  • 22. Performance: Latency Encryption of data transported on Gigabit Ethernet between moderate-performance Linux workstations (2GHz Opteron). 400 350 300 Latency (us) 250 200 150 100 50 0 16 32 64 128 256 512 1024 Data Size (bytes) UDPv4 DTLS Transport (AES128) DTLS Transport (AES256) DTLS Transport (IDEA-CBC)
  • 23. Performance: Throughput (1kB) Encryption of data transported on Gigabit Ethernet between moderate-performance Linux workstations (2GHz Opteron). 600 500 1kB block size 400 Mb/s 300 200 100 0 UDPv4 DTLS DTLS DTLS Transport Transport Transport (AES128) (AES256) (IDEA-CBC)
  • 24. Agenda Motivation & Requirements Net-centric approach to DDS Security Proposed DDS Security Model Pragmatic Implementation of Secure Domains – Mandatory Access Control at Transport Layer – Operating System Security Integration – Performance Implications for Real-Time Integrated DDS Security with RBAC Additional Concerns Conclusion
  • 25. Integrated DDS Security Integrating an access control model into DDS can provide additional benefits – Finer-grained security than above mechanisms – Native DDS mechanisms for notification within application – DDS discovery can be used to bootstrap multicast security mechanisms Role-based access control is a good model for net- centric systems Plugin architecture for secure reference monitor can be used to avoid limiting decisions about access control model, extensibility
  • 26. Configuring an Application for Secure DDS Domain Participant Credential: Name = Ariel_Rti Public Key = ABCD1234... Credential Security (ID) Security Level = Secret Plugin Roles = Engineer, Staff (signature) When creating participant, specify credentials and policy management plugin (in QoS) DDS checks credentials on entity creation – Return error value DDS checks credentials on discovery match – Event used to notify via listener or waitset – Notification may be sent to peer if allowed by permisions
  • 27. Notifications Of local application of rules: fail to create – e.g. new return code: DDS_RETCODE_NOT_PERMITTED Of application of rules to discovered entities: events via listener or waitset – on_participant_matched() – on_rejected_credential(ID) – on_access_denied(handle, topic) And existing events – on_subscription_matched() – on_publication_matched()
  • 28. Role-based Access Control for Domains Access to join domains is mediated by the security plugin – Domains can be used to segregate security levels Roles can be used to limit: – Which users can join a domain – Who can create topics in the domain ROLES: Ariel engineer, staff ; SECRET Gerardo admin, staff ; SECRET Joe user ; UNCLASSIFIED Domain ID Security Level Join Domain roles Create Topic roles 3 Unclassified staff, user, engineer, admin engineer, admin 4 Secret staff, admin admin
  • 29. Role-based Access Control for Topics Access to topics within a domain can also be mediated by the security plugin Roles can be used to limit who can write/read individual topics ROLES: Ariel engineer, staff ; SECRET Gerardo admin, staff ; SECRET Joe user ; UNCLASSIFIED Domain ID Topic Write roles Read roles 3 Square engineer staff, user 3 Circle admin staff, user 3 Triangle staff engineer
  • 30. Role-based Access Control for Qos? Access to topics can be parameterized further Roles can be used to limit allowed levels of service to write/read individual topics ROLES: Ariel engineer, staff ; SECRET Gerardo admin, staff ; SECRET Joe user ; UNCLASSIFIED Domain ID Topic Write roles Read roles 3 Square engineer staff [RELIABLE], user [BE only] 3 Circle admin staff [KEEP ALL], user[KEEP LAST 1] 3 Triangle staff engineer
  • 31. Security Plugin Interface The security plugin can take additional information into account when making access decisions: – QoS policies specified when creating entities – Mandatory content filtering /* domain access control */ bool is_domain_join_permitted(credential, domain, participant_qos); /* within-domain access control */ bool is_topic_create_permitted(credential, domain, topic, topic_qos); bool is_read_permitted(credential, domain, topic, requested_qos, content_filter <inout>); bool is_write_permitted(credential, domain, topic, offer_qos, content_filter <inout>);
  • 32. DDS Protocol Updates for Security? In addition to integrated access control, protocol updates could provide: – Encapsulated key management protocol – Secure wrapper for DDS submessages Potential benefits – Variable level of security for different topics Confidentiality and/or integrity and source authentication – Use of shared keys to support multicast security
  • 33. Agenda Motivation & Requirements Net-centric approach to DDS Security Proposed DDS Security Model Pragmatic Implementation of Secure Domains – Mandatory Access Control at Transport Layer – Operating System Security Integration – Performance Implications for Real-Time Integrated DDS Security with RBAC Additional Concerns Conclusion
  • 34. Additional Concern: Security Policy Management Complex systems require complex security policies Dynamic net-centric systems require dynamic security policies Authorization management for complex, dynamic net- centric systems needs to be agile for effective update when the system changes Recommendation: Model-Based Security Benefits – Cost savings – Enabled agility (growth, re-use) Ulrich Lang, Ph.D. – Improved security Chief Executive Officer ObjectSecurity LLC ulrich.lang@objectsecurity.com
  • 35. Op e n TM P MF 2 . 0 Solution: OpenPMF 2.0 Model Driven Security Management Specify security requirements in abstract models Generate enforceable security policies automatically Protect & monitor applications automatically, e.g. for SOA
  • 36. Op e n TM Solution: OpenPMF 2.0 P MF 2 . 0 Model Driven Security Management Model-driven security management product Mainstream within 5 years (Gartner) Benefits Align business and IT security Cost saving Enable IT agility (+ growth) Improved security OpenPMF 2.0 for DDS Specify fine-grained, customizable authorization rules for DDS Governs information flows between DDS publishers and subscribers Related to XACML architecture, but with model-driven security support Next steps: Extend model-driven security management support for DDS www.openpmf.com – www.modeldrivensecurity.org – www.objectsecurity.com
  • 37. Op e n TM P MF 2 . 0 Model Driven Security Management OpenPMF 2.0 Model-Driven Security Example Example: HIPAA healthcare regulatory requirement Security requirements mapped from EA layer of abstraction… …via fine-grained machine- enforceable authorization rules (OpenPMF PDL, XACML) … …to automatic run-time authorization enforcement of information flows (fine-grained, policy-driven, context-aware, content-aware etc.) www.modeldrivensecurity.org
  • 38. Additional Concern: Wide-Area Network (WAN) Support Requirements – Integrate DDS peers across more complex network configurations – Provide secure communication over WAN Possible forms of solution – WAN Transport architecture using NAT traversal protocols directly between peers – WAN Router architecture using statically configured proxy applications In both cases, access control mechanisms must be used to avoid introducing vulnerabilities
  • 39. Additional Concern: OS Mechanisms for Multiple Levels of Security (MLS) Partitioned operating systems or hypervisors can provide multiple virtual machines each running at different security levels If each partition can separately configure the allowed set of ports or IPC objects, DDS access can be segregated by security level Partitioned CPU and memory resources can provide additional protection against denial-of-service due to a badly behaved component at a lower security level These operating system mechanisms can be used to compartmentalize systems with more complex management of security policies
  • 40. Conclusion Security and Information Assurance is critical for net- centric systems as system scope expands – Systems getting more complex, more interconnected – More avenues of attack Today: Mechanisms exist for coarse levels of access control to critical data in DDS systems – Secure transport (DTLS) – Secure operating systems Future: Integrated DDS security will meet needs of systems as complexity increases – Fine-grained access control, scalable mechanisms – Capabilities to manage, control, and provide assurance