SlideShare a Scribd company logo

OMG DDS Security Standard

Gerardo Pardo-Castellote
Gerardo Pardo-Castellote

Revised Submission to the OMG Security RFP. Covers the plugin architecture and the proposed builtin plugins to provide Authentication, Access Control, Key Management, Confidentiality (Encryption), Message Authentication, and Auditing

TechnologyBusiness
1 of 75
Download to read offline
Your  systems.  Working  as  one.   DDS  SECURITY   Revised  Submission   Doc  num:  mars/2012-­‐06-­‐15   SubmiMer:   Gerardo  Pardo-­‐Castellote,  Ph.D.   Real-­‐Time  InnovaLons,  Inc.   CTO,  Real-­‐Time  InnovaLons,  Inc.   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved  
Agenda   •  Background   •  Requirements   •  Threats   •  Security  Model   •  Plugins  and  SPIs   •  BuilLn  Plugins   •  Status  &  Conclusion   6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   2  
Security  Terms:  a  Safe-­‐Deposit  Box   •  AuthenLcaLon:  The  bank  knows  who  you  are;  you   must  show  ID.   •  Access  Control:  The  bank  only  lets  those  on  an   access  list  into  your  box.   •  ConfidenLality:  You  are  alone  in  the  room  Nobody   can  see  the  contents  of  the  box.   •  Integrity:    The  box  is  sealed.  If  anybody  touches  it   you  will  know.   •  Non  repudiaLon:  You  sign  when  you  come  in  and   out  so  you  can’t  claim  that  you  weren’t  there.   •  Availability:  The  bank  is  always  open.     6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   33
Security  as  a  system  problem   •  UlLmately  security  is  a  system  property   –  Involves  hardware,  soware,  humans,   procedures…   •  Most  directly  related:   Scope  of   1.  Securing  the  data-­‐cenLrc  bus   the  RFP   2.  IntegraLng  across  security  domains   Out   3.  Securing  the  operaLng  system   of  Scope   4.  Securing  the  hardware  &  soware   configuraLon   6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   4  
Three  security  boundaries   Ul5mately  you  need  to  implement  the  3  of  them   •  Boundary  security   •  Transport-­‐Level     –  Network  (layer  3)  security   –  Session  (layer  4/5)  security   •  Fine-­‐grained  Data-­‐Centric   Security   Scope  of  the  DDS  Security  RFP   6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   5  
Fine-­‐Grained  Data-­‐Centric  Security   Topics   •  Access  control  per  Topic   •  Read  versus-­‐write  permissions   •  Field-­‐specific  permissions   6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   6  
Data  Security  Example:  UAV   Topics   Authen5ca5on   Access   Integrity   Non-­‐ Confiden5ality   Control   repudia5on   UAV  health   X   X   data   Remote   X   X   X   X   X   commands   Sensor  Data   X   X   X   X   6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   7  
Agenda   •  Background   • Requirements   •  Threats   •  Security  Model   •  Plugins  and  SPIs   •  BuilLn  Plugins   •  Status  &  Conclusion   6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   8  
RFP  Mandatory  Requirements   Proposals  shall  define  …   6.5.1    …  a  Plahorm  Independent  Security  Model  for  DDS     independent  of  the  programming  language  used…   6.5.2    …  a  collecLon  of  Plahorm  Independent  IntercepLon   Points  and    SPIs  …   6.5.3  …    built-­‐in  Plahorm  Independent  Security  Plugins  that   implement  the  Plahorm  Independent  Interfaces   6.5.4    …  plahorm  specific  mappings  for  the  built-­‐in  plugins  to   all  the  language  PSMs  supported  by  DDS   6.5.5  …    how  the  DDS  Interoperability  Wire  Protocol  is  used   to  allow  DDS  applicaLons  to  interoperate  securely   6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   9  
Mandatory  Requirements  6.5.1:   Security  Model   The  Security  Model  for  DDS  shall  …   6.5.1.1    …  support  mechanisms  that  establish  the  ability  for  a  DDS  ParLcipant  to  run  in  a   plahorm   6.5.1.2    …  support  mechanisms  to  configure  and  access  the  credenLals  of  the  underlying   DDS  ParLcipants  …   6.5.1.3  …    allow  specificaLon  of  authorizaLon  policies,  controlling    [1]  Joining  a  DDS  Domain    [2]  Access  to  DDS  Discovery  Data    [3]  Publishing  a  DDS  Topic,    [4]  Subscribing  to  a  DDS  Topic    [5]  Publishing  on  a  DDS  ParLLon,  [6]  Subscribing  on  a  DDS  ParLLon   6.5.1.4    …  include  the  concept  of  data  tagging   6.5.1.5  …    support  mechanism  for  ensuring  data  integrity,  including    [1]  traceability,  pedigree,  and  tamper    [2]  digital  signatures    [3]  data  encrypLon    [4]  use  of  different  keys  for  data  from  different  DataWriters   6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   10  
Mandatory  Requirements  6.5.2:     Set  of  IntercepLon  Points  and  SPIs   The  Plugin  SPIs  shall  …   6.5.2.1    …  allow  applicaLons  to  exchange  credenLals  with  a  DDS  ParLcipant    [1]  exchanging  credenLals  for  authenLcaLon    [2]  delegaLon  of  authority  for  authenLcaLon   6.5.2.2    …  allow  an  external  plugin  to  perform  all  the  authorizaLon  funcLons      [1]  full  support  of  the  authorizaLon  policies    [3]  support  delegaLon  of  authority    [4]  support  delegaLon  of  authority  separately  for  each  DDS  Topic   6.5.2.3  …    allow  an  external  plugin  to  perform  all  the  tagging  and  tag-­‐accessing  funcLons   6.5.2.4    …  allow  an  external  plugin  to  perform  all  the  encrypLon  and  decrypLon   funcLons   6.5.2.5  …    external  plugin  to  perform  all  the  digital  signing  and  verificaLon  funcLons   6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   11  
RFP  OpLonal  Requirements   Proposals  may  define  authorizaLon  policies  that  control    …   6.6.1  …  the  content  a  DDS  ParLcipant  is  allowed  to  publish  on  a  Topic.   6.6.2  …  the  content  a  DDS  ParLcipant  is  allowed  to  subscribe  on  a  Topic..   6.6.3  …  the  QoS  Policies  a  DDS  ParLcipants  can  use  when  publishing  a  Topic   6.6.4  …  the  QoS  Policies  a  DDS  ParLcipant  can  use  when  subscribing  to  a   Topic.   Proposals  may  define  …   6.6.5  …  data-­‐tagging  plugins  that  apply  different  tags  for  each  data-­‐sample   published  by  a  DDS  DataWriter.   6.6.6  …  built-­‐in  plugins  that  interoperate  with  standard  authenLcaLon  and   authorizaLon  protocols  and  services,  such  as,  LDAP  and  SAML.   6.6.7  …  a  PSM  mapping  of  the  DDS-­‐RTPS  Interoperability  Wire  Protocol  to  a   secure  transport,  such  as,  DTLS.   6.6.8  …  a  PSM  of  the  DDS-­‐RTPS  Interoperability  Wire  Protocol  allowing   interoperability  over  UnidirecLonal  Transports.   6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   12  
Agenda   •  Background   •  Requirements   • Threats   •  Security  Model   •  BuilLn  Plugins   •  Plugins  and  SPIs   •  Status  &  Conclusion   6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   13  
Threats   Alice:  Allowed  to  publish  topic  T   1.  Unauthorized  subscripLon   Bob:  Allowed  to  subscribe  to  topic  T   Eve:  Non-­‐authorized  eavesdropper     2.  Unauthorized  publicaLon   Trudy:  Intruder   3.  Tampering  and  replay     Trent:  Trusted  infrastructure  service   Mallory:  Malicious  insider   4.  Unauthorized  access  to  data   by  infrastructure  services     6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   14  
Data-­‐centric/mulLcast  Insider  Threats     •  Two  insider  threats  affecLng  (mulLcast)  data-­‐ centric  systems  are  of  unique  significance   1.  Reader  mis-­‐behaves  as  unauthorized  writer   An  applicaLon  uses  knowledge  gained  as  authorized   reader  to  spoof  the  system  as  a  writer   2.  Compromise  of  Infrastructure  Service     A  service  that  is  trusted  to  read  and  write  data  on  behalf   of  others  (e.g.  a    persistence  service  )  becomes   compromised     6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   15  
Reader  mis-­‐behaves  as  unauthorized   writer   •  SituaLon:   –  Alice  -­‐    creates  a  Crypto  Key  per  Topic/DataWriter   –  Alice  -­‐  shares  its  Key  with  all  intended  readers  as  needed  to  mulLcast   –  Mallory  –  is  an  authorized  reader  so  it  has  Alice’s  key   –  Mallory  –  behaves  maliciously  and  uses  Alice’s  key  to  create  fake  UDP  messages  purng   Alice’s  informaLon  (IP,  Port,  GUIDs,  etc.)  but  with  bad  data.   •  ImplicaLons:   –  Bob  sees  message  from  Mallory  and  processes  it  believing  it  is  from  Alice   –  Mallory  can  provide  a  system-­‐wide  failure  for  all  subscribers  to  topic  T,  making  them  process   wrong  data,  delete  instances,     –  Depending  on  the  Topic  this  can  be  catastrophic  for  the  system   •  Notes:   –  The  problem  is  that  all  secrets  shared  by  Alice  and  Bob  are  also  known    to  Mallory   •  So  the  aMack  cannot  be  solved  with  a  MAC  or  HMAC  if  Alice’s  key  is  also  shared  with  all  readers…   –  The  problem  can  be  solved  with  a  digital  signature  but  that  is  1000X  slower  than  a  MAC   6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   16  
Compromise  of  Infrastructure  Service  (2)     UDP   RTPS   SubMsg   DATA   SubMsg   DATA   Hdr   Hdr   Hdr(T1)   (T1)   Hdr(T2)   (T2)   •  SituaLon:   –  Alice  creates  a  Crypto  Key  to  write  topic  T   MAC  +  EncrypLon   –  Alice  encrypts  the  whole  RTPS  sub-­‐message  related  to  topic  T   –  Trent  is  an  infrastructure  (e.g.  relay)  that  must  store  and  forward  data  from  Alice  to  Bob   •  To  operate  Trent  needs  to  see  submessage  header  informaLon:  GUIDs,  SequenceNumber,  KeyHash,  …   –  Alice  shares  the  key  used  for  topic  T  with  Trent   •  Trent  has  access  to  the  keys  for  all  the  data  it  relays   –  Trent  is  aMacked  and  compromised   •  ImplicaLons:   –  Trent  aMacker  has  access  to  all  the  keys  for  all  the  topics  that  Trent  was  relaying     –  Infrastructure  must  be  granted  “super  user  privileges”  to  see  many  topics  despite  fact  they  have   no  need  to  see  the  data   –  Compromise  of  a  single  infrastructure  service  can  be  lead  to  catastrophic  informaLon  leakage   •  Notes:   –  The  problem  is  that  Trent  is  given  access  to  secrets  that  allow  it  to  see  the  data  despite  the  fact   that  it  does  not  have  a  need  to  do  so,  effecLvely  elevaLng  its  privileges  and  creaLng  a  big   vulnerability   –  The  problem  can  be  solved  if  the  submessage-­‐header  informaLon  Trent  needs  is  not  encrypted   with  the  same  key  as  the  topic  eal-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   6/25/12   ©  2012  R data.   17  
The  submission  must  address  these   vulnerabiliLes   •  Maintain  separaLon  between  different  classes  of  data  receivers   1.  Cannot  access  any  informaLon  on  topic  T   2.  Can  relay  the  submessages  on  topic  T,  but  not  the  payload  data   3.  Can  access  the  payload  data  on  topic  T  but  not  relay  messages   •  Examples:   –  UnauthenLcated  or  Non-­‐authorized  applicaLons.  ApplicaLons  without  the  rights   to  join  a  specific  DDS  domain   –  DDS  Persistence  Service  which  is  allowed  to  store  encrypted  payload.  Recording   Services,  Gateways  and  rouLng  components   •  They  need  to  see  enough  (Topic,  Key,  Sequence  Numbers)  but  not  the  data     –  AuthenLcated  applicaLons  authorized  to  read  data  on  a  specific  Topic   •  This  can  be  enforced  by  combining  a  MAC  and  EncrypLon  and  sharing   these  keys  selecLvely   –  MAC  Key  shared  with  relay  service   –  MAC  &  Crypto  Key  shared  with     UDP   Hdr   RTPS   Hdr   SubMsg   Hdr(T1)   DATA   (T1)   SubMsg   Hdr(T2)   DATA   (T2)              authorized  readers     This  is  not  in  the  submission  yet   MAC   EncrypLon       6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   18  
Agenda   •  Background   •  Requirements   •  Threats   • Security  Model   •  Plugins  and  SPIs   •  BuilLn  Plugins   •  Status  &  Conclusion   6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   19  
Submission  Guiding  Principles   •  Performance  &  Scalability   –  Do  not  impact  parts  of  the  system  that  do  not  have  security  needs   –  Allow  opLng  out  of  specific  features  such  as  MAC,  EncrypLon.  Digital  Signature  with  sufficient   granularity   –  Limit  use  of  asymmetric  keys  to  discovery  &  session  establishment     –  Support  MulLcast   •  Robustness  &  Availability   –  Be  robust  to  the  failure  or  compromise  of  any  single  component.   –  Limit  privileges  of  infrastructure  services  and  relays   –  Avoid  centralized  policy  decisions/services   –  Avoid  mulL-­‐party  key  agreement  protocols   •  Fitness  to  data-­‐centric  model   –  Express  policies  and  permissions  in  terms  of  familiar  DDS  terminology  and  objects   –  Support  all  of  DDS:  consumpLon  of  samples  out  of  order,  best  efforts,  Lme  filters,  history  cache,   etc.   •  Leverage  exisLng  technologies   –  Support  plugging  in  exiLng  technologies  for  ciphers,  MAC,  PKI   •  Ease  of  use  &  Flexibility   –  DO  not  preclude  integraLng  with  their  exisLng  security  and  crypto  infrastructure.   6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   20  
Audience  and  Purpose  for  this   SpecificaLon   •  Audience:   –  DDS  vendors/implementers,  not  the  users  of  DDS   •  Purpose:   –  Define  a  Security  Model  for  DDS  systems   –  Define  concrete  IntercepLon  points  in  the  middleware   where  SPI  interfaces  must  be  called   –  Define  concrete  SPI  Interfaces  vendors  must  invoke  at  the   IntercepLon  Points  and  the  behavior  upon  various   returns   –  Define  specific  SPI  implementaLons  to  the  extent   required  for  interoperability   –  NOT  guidance  to  users  implemenLng  secure  DDS  systems   –  NOT  definiLon  of  security  technologies  beyond  what  is   required  to  implement  the  specificaLon   6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   21  
Security  Model   •  A  security  model  is  defined  in  terms  of:   –  The  subjects  (principals)   –  The  objects  being  protected   •  The  operaLons  that  are  protected  on  the  objects   –  Access  Control  Model   •  A  way  to  map  each  subject  to  the  objects  they  can   perform  operaLons  on  and  which  are  the  allowed   operaLons   6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   22  
Security  Model  Example:   UNIX  FileSystem  (simplified)   •  Subjects:    Users,  specifically  processes  execuLng  on  behalf  of  a  specific  userid   •  Protected  Objects:    Files  and  Directories   •  Protected  OperaLons  on  Objects:   –  Directory.list,  Directory.createFile,  Directory.createDir,  Directory.removeFile,   Directory.removeDir,  Directory.renameFile   –  File.view,  File.modify,  File.execute   •  Access  Control  Model:   –  A  subject  is  given  a  userId  and  a  set  of    groupId   –  Each  object  is  assigned  a  OWNER  and  a  GROUP   –  Each  Object  is  given  a  combinaLon  of  READ,  WRITE,  EXECUTE  permissions   for  the  assigned  OWNER  and  GROUP   –  Each  protected  operaLon  is  mapped  to  a  check,  for  example   •   File.view  is  allowed  if  and  only  if     –  File.owner  ==  Subject.userId  AND  File.permissions(OWNER)  includes  READ   –  OR  File.group  IS-­‐IN  Subject.groupId[]    AND  File.permissions(GROUP)  includes  READ   6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   23  
DDS  Security  Model   •  Subjects:    DDS  DomainParLcipant  (ParLcipant  GUID)   •  Protected  Objects:    DDS  Domain  and  DDS  Topic   •  Protected  Opera5ons  on  Objects  (logical  view):   –  DomainParLcipant.join   –  DomainParLcipant.add_read_parLLon   –  DomainParLcipant.add_write_parLLon   –  Topic.create   –  Topic.set_qos   –  Topic.set_reader_qos   –  Topic.read   –  Topic.set_writer_qos   –  Topic.write   –  Topic.create_instance   –  Topic.update_instance   –  Topic.dispose_instance   6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   24  
Mapping  of  DDS  API  to  protected  operaLons   DDS  API  Call     Protected  Opera5on   DomainParLcipantFactory.create_parLcipant   Discovery.match_remote_parLcipant   DomainParLcipant.join   DomainParLcipant.create_publisher   Publisher.set_qos   DomainParLcipant.add_write_parLLo n   DomainParLcipant.create_subscriber   Subscriber.set_qos   DomainParLcipant.add_read_parLLo n   DomainParLcipant.create_topic   Discovery.dicover_topic   Topic.create,  Topic.seq_qos   Topic.set_qos   Topic.set_qos   Subscriber.create_datareader   Discovery.dicover_datareader   Topic.read,  Topic.set_reader_qos   DataReader.set_qos   Discovery.change_datareader_qos   Topic.set_reader_qos   Publisher.create_datawriter   Discovery.dicover_datawriter   Topic.write,  Topic.set_writer_qos   DataWriter.set_qos   Discovery.change_datawriter_qos   Topic.set_writer_qos   DataWriter.register_instance   DataWriter.write   Topic.create_instance   6/25/12   Protocol.receive_instance_new   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   25  
Access  Control  Model   •  Flexible  Access  Control  Model  implemented  by  the  AccessControl   SPI.     –  AccessControl  plugin  implementaLons  can  customize  the  behavior.   •  General  Access  Control  Model     –  Each  subject  (DomainParLcipant)  is  configured  with  a  set  of  permissions   –  The  AccessControl  Plugin  intercepts  each  of  the  protected  operaLons  and  decides   whether  is  is  allowed  or  denied.     •  Access  Control  Model  implemented  by  builLn-­‐plugins:   –  Explicit  permissions  assigned  to  DomainPaLcipants  based  on  the  Topic  name  (in   current  submission)   –  Role-­‐based  access  control   –  Label-­‐based  access  control   6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   26  
Example:  Explicit  permissions          <permisions  xsi:noNamespaceSchemaLocation="omg_shared_ca_permissions.xsd"                                    xmlns:xsi="http://www.w3.org/2001/XMLSchema-­‐instance">          <validity>                  <!-­‐-­‐  Format  is  YYYYMMDDHH  in  GMT-­‐-­‐>                  <not_before>2012060113</not_before>                  <not_after>2013060113</not_after>          </validity>          <subject_name>/C=US/ST=CA/L=Sunnyvale/O=ACME  Inc./OU=CTO  Office/CN=DDS   Shapes  Demo/emailAddress=cto@acme.com</subject_name>          <allow_with_exceptions>                  <domain_id>0</domain_id>                  <allow>                          <publish>Sq*</publish>                          <subscribe>Circle</subscribe>                  </allow>                  <exception>                          <publish>SquareControl</publish>                  </exception>          </allow_with_exceptions>   </permissions>   •  The  DomainParLcipant  is  allowed  to  join  domain  0   •  Within  domain  0  the  DomainParLcipant  is  allowed  to  wriLng  any  Topic  with  a  name  that   matches  the  expression  “Sq*”  with  the  excepLon  of  Topic  named  “SquareControl”   •  Within  domain  0  the  DomainParLcipant  is  allowed  to  read  only  the  Topic  named  “Circle”     6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   27  
Pluggable  Security  Architecture   cerLficates   applicaLon  component   App.   App.   App.   AuthenLcaLon   Secure  DDS     Key   Plugin   middleware   Management   ? Plugin   Other     Other   Other       Access  Control   DDS   Plugin   DDS  EnLLes   Cryptography   DDS   DDS   System   System   Plugin   System   AudiLng   Protocol   Data   Plugin   Engine   cache   Tagging   Plugin   Secure  Transport  (e.g.  TLS)   Kernel   ? Crypto   Policies   Module   Network   (e.g.  TPM  )     Driver      Secure  Kernel   TA Encrypted   G   Data   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   6/25/12   Network   28  
Service  Plugins  (SPIs)     •  Authen5ca5on:  Provides  the  mechanism  to  verify  that  idenLty  of   the  applicaLon  and  or  user  that  invokes  operaLons  on  DDS  in   order  to  join  a  domain,  publish,  subscribe,  etc.   •  AccessControl:  Provides  the  means  to  enforce  policy  decisions  on   what  DDS  related  operaLons  an  authenLcated  user  can  perform.   For  example  which  domains  it  can  join,  which  Topics  it  can  publish   or  subscribe,  etc.   •  Cryptography:  Implements  (or  interfaces  with  libraries  that   implement)  all  cryptographic  operaLons,  including  encrypLon,   decrypLon,  digital  signatures,  etc.   •  KeyManagement:  Provides  key  distribuLon  and  access  services.  It   allows  DDS  implementaLons  to  access  the  necessary  keys  given   the  idenLty  and  access  control  policies.   •  Tagging:  Tag/Label  data  samples.   •  Logging:  Supports  audiLng  of  all  DDS  security-­‐relevant  events.   6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   29  
6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   30  
IntercepLon  Points:  Current  logical  flow   Create   Domain   AuthenLcate   ParLcipant     DP?   Create   Endpoints   Discover   remote  DP   Discover   remote   Endpoints   Send/ Receive  data   6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   31  
IntercepLon  Points  inserted  into  the  logical   flow   Create   Domain   Domain   AuthenLcate   No   ParLcipant   AuthenLcate   DP?   ParLcipant     Create  Fails   Yes   DP?   Create   No   Endpoint   Access  OK?   Endpoints   Create  Fails   Discover   AuthenLcate   No   Ignore   remote  DP   Remote  DP?   Remote  DP   Yes   Discover   Ignore   remote   Access  OK?   remote   Endpoints   endpoint   Send/ Message   Receive  data   security   6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   32  
AuthenLcaLon  -­‐  Local   Create   Load   Domain   Domain   IdenLty   AuthenLcate   No   ParLcipant   AuthenLcate   DP?   ParLcipant     CerLficates   Create  Fails   DP?   Yes   For  PKI,   token  is  PKI   Get  Auth   cerLficate   Token   6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   33  
DDS  Security  Flow:  Access  Control   Load   No   Create   Endpoint   Security   Access  OK?   Endpoints   Create  Fails   Policies   Yes   Data  Writer?   Yes   Get  Keys   If  desired,   add  tag   6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   34  
IntercepLon  Points  –  Remote  AuthenLcaLon   and  Access  Control   Discover   Receive   AuthenLcate   No   Ignore   remote  DP   IdenLty  Token   Remote  DP?   Remote  DP   Yes   Discover   No   Ignore   Receive   remote   Access  OK?   remote   Permissions  Token   Endpoints   endpoint   Yes   Does  the   Matched  DW?   remote  Data   Writer   Yes   match  a   Get  Keys   local  Data   Reader   Get  remote   DW  tag   6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   35  
DDS  Security  Flow:  Send  Data   Access   Yes   Write   Marshall   Encrypt?   CriptoKeys  +   No   Encrypt   ClearText   CipherText   CipherText   Header  has   KeyId     Marshal   Access   SampleInfo   DigitalSig?   PrivateKey  +   (KeyHash,   Yes   Sign   SN,  GUID)   TBD:  DSig   Append  Digital  Signature   Header   Yes   precedes   Access   ciphertext?   Send  RTPS   Assemble   MACKeys  +   Message  to   MAC?   Submessages   Yes   compute  MAC   DesLnaLon   TBD:     Append  MAC   MAC  as  separate   submessage?     Send  to  UDP   First  or  last?     6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   In  RTPS  Header?   36  
Agenda   •  Background   •  Requirements   •  Threats   •  Security  Model   • Plugins  and  SPIs   •  BuilLn  Plugins   •  Status  &  Conclusion   6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   37  
6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   38  
AuthenLcaLon  Plug-­‐in   •  Goal:  authorize  DDS  enLLes.    Only  an  authorized   DDS  applicaLon  can  send  or  receive  data  in  that   domain   •  The  unique  idenLty  of  a  Domain  ParLcipants  is   locally  authenLcated   •  When  a  remote  Domain  ParLcipant  is  discovered,  its   idenLty  must  be  validated   AuthenLcaLon   Service   DDS   DDS   DDS   App   App   6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   39  
AuthenLcaLon  SPI   •  IdenLtyCredenLal:  configures  the   plugin  with  the  informaLon  it   needs  to  idenLfy  and  authenLcate   the  local  parLcipant   •  IdenLtyHandle:  used  refer  locally   to  an  authenLcated  parLcipant.   •  IdenLtyToken:  characterizes  the   idenLty  informaLon  of  a   DomainParLcipant,  which  is   propagated  via  discovery   •  AuthenLcaLonListener  noLfy  of   status  changes:  E.g.  when  a   cerLficate  has  expired  and  revokes   the  idenLty     6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   40  
AuthenLcaLon  OperaLons   Opera5on   Descrip5on   validate_local Validates the identity of the local DomainParticipant based on _identity credentials, biometrics or whatever the plug-in requires. validate_remot Validates the identity of the remote DomainParticipant, based on e_identity an IdentityToken representation. This operation may return an Identity Challenge that must be sent and replied to by the remote participant. get_identity_t Returns an IdentityToken that can be sent over the network to oken identify the DomainParticipant. challenge_iden Asks the local AuthenticationPlugin to respond to an identity tity challenge. The operation is invoked if a remote Participant sends a message requesting an identity challenge validate_ident Provides the AuthenticationPlugin with the response to an ity_challenge identity challenge that was previously requested as a result of a call to validate_remote_identity set_listener Sets the listener necessary for determining identity status changes to the AuthenticationListener objects received as an argument. 6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   41  
Access  Control  SPI   Access  Control  SPI   •  PermissionsCredenLal:   provided/configured  on  the   DomainParLcipant  to     prove  its  permissions   •  PermissionsHandle:   internal  handle  to  refer  to   the  permissions  of  an   idenLfied   DomainParLcipant   •  PermissionsToken:   characterizes  the   DomainParLcipant   permissions,  which  is   propagated  via  discovery   •  AccessControlListener   noLfy  of  status  changes.   E.g.  a  change  in   permissions.   6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   42  
Access  Control  OperaLons   Opera5on   Descrip5on   validate_loc Validates the permissions of the local DomainParticipant. The al_permissio permissions could be based on a PermissionsCredential ns()   presented to the plugin. The operation returns a PermissionsHandle object, if successful. validate_rem Validates the permissions of the remote DomainParticipant, ote_permissi propagated as a PermissionsToken. The operation returns a ons()   PermissionsHandle, if successful. check_create Enforces the permissions of the local DomainParticipant. _particpant Ensurng it is allowed to join the specified domain_id with the ()   specified Participant QoS. check_create Enforces permissions to ensure the local DomainParticipant is _datawriter allowed to write the specified Topic with the specified QoS. () check_create Enforces permissions to ensure the local DomainParticipant is _datareader allowed to read the specified Topic with the specified QoS. () check_create Enforces permissions to ensure the local DomainParticipant is _topic()   6/25/12   allowed©  2012  Real-­‐Time  Ithe specified Topic with the specified QoS. to create nnovaLons,  Inc.    -­‐    All  rights  reserved   43  
Access  Control  OperaLons  (II)   Opera5on   Descrip5on   check_local_da In case the access control requires a finer granularity at the instance tawriter_regis level, this operation enforces the permissions of the local DataWriter ter_instance()   to create a particular instance. check_local_da In case the access control requires a finer granularity at the instance tawriter_dispo level, this operation enforces the permissions of the local DataWriter se_instance()   to delete a particular instance. check_remote_p Enforces the permissions on the remote DomainParticipant, articipant()   ensuring it has permissions to join the domain with the specified domain_id and QoS. check_remote_d Enforces the permissions on the remote DomainParticipant atawriter()   ensuring is has permissions to write data on the specified Topic name and type (extracted from the publication_data) and with the discovered QoS. check_remote_d Enforces the permissions on the remote DomainParticipant atareader()   ensuring is has permissions to read data on the specified Topic name and type (extracted from the publication_data) and with the discovered QoS. check_remote_t Enforces permissions to ensure the remote DomainParticipant is opic()   allowed to create the specified Topic with the specified QoS. 6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   44  
Access  Control  OperaLons  (III)   Opera5on   Descrip5on   check_remote In case the access control requires a finer granularity at the instance _datawriter_ level, this operation checks the permissions of the remote register_ins DataWriter allow it to create a particular instance. tance()   check_remote In case the access control requires a finer granularity at the instance _datawriter_ level, this operation checks the permissions of the remote dispose_inst DataWriter allow it to delete a particular instance. ance()   get_permissi Returns the PermissionsToken that can be used to represent on ons_token() the network the Participant’s permissions, which are identified by the specified PermissionsHandle. set_listener Sets the listener for the AccessControl object. () 6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   45  
Access  Control  Listener  OperaLons   Opera5on   Descrip5on   on_revoke_pe DomainParticipants’ Permissions can be revoked/changed. rmissions()   This listener provides a callback for permission revocation/changes. 6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   46  
Cryptographic  Plug-­‐in   Goal:  Provide  cryptographic  capabiliLes  for  DDS  data  samples   •  Customer  security  policy  dictates  which  per  sample  cryptography   is  required   –  MAC  for  message  authenLcaLon  and  integrity   –  Digest  for  integrity  or  as  part  of  compuLng  a  Digital  Signature   –  Digital  signature   –  EncrypLon   •  Highlights:   –  Designed  to  support  different  encrypLon  methods   •  PKI,  Symmetric  keys,  IdenLty  based  encrypLon   •  Counter-­‐mode  encrypLon  (for  non  stream-­‐oriented  sessions)   –  General  and  extensible  API     •  can  support  different  implementaLons  of  the  crypto,  including  interfacing   with  device  drives  and  hardware   –  Designed  for  performance   •  Separate  prepare  &  execute  cycles   •  Supports  performing  cryptographic  operaLons  on  non-­‐conLguous  buffers   6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   47  
Cryptographic  SPI   Provides  support  for:   •  Encrypt/Decrypt   •  MessageAuthenLcaLon   •  Digital  signature  &   verificaLon   6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   48  
Main  Types   •  Handle  (CryptoHandle,  CryptoSession  MACHandle,   DSigHandle):   –  Provide  internal  handle  to  “prepared”  key  material  inside   the  Plugin  for  efficient  operaLons   •  Token  (CryptoToken,  MACToken,  DSigToken):   –  Encode  all  the  informaLon  needed  to  iniLalize  the   algorithms.  This  informaLon  created  at  the  request  of     applicaLon  generaLng  the  message  and  made  available  to   the  authorized    recipients  with  the  help  of  the   MeyManager  plugin   •  State  (CryptoState,  CryptoState  MACState,   DSigState):   –  Internal  handle  to  algorithmic  state  to  support  operaLons   on  non-­‐conLguous  buffers   6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   49  
Cryptographic  OperaLons   Opera5on   Descrip5on   decrypt() Given a cryptographic token and encrypted data, this function generates decrypted output. This will be used by a DataReader to decrypt encrypted data it received on the wire.   encrypt() Given an encryption token and data, this function generates encrypted output. This will be used by a DataWriter to encrypt data prior to sending it out on the wire.   get_cypher_in Returns the corresponding to a CryptographicToken.   fo_from_token () get_key_from_ Returns the CryptographicKey corresponding to a token() CryptographicToken.   get_local_enc Returns the local cryptographic token, CryptographicToken, ryption_token given the local key. () get_remote_en Returns the remote CryptographicTokengiven the cypher info cryption_toke for it. In order to achieve interoperability, the cipher info needs to be n() 6/25/12   known.   2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   ©   50  
Cryptographic  OperaLons  (II)   Opera5on   Descrip5on   set_key_for_t Associates a cryptographic key to a cryptographic token.   oken() sign() Digitally signs the data and attaches the signatures on the wire.   verify() Verifies the signature of the data.   6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   51  
Key  Management  Plug-­‐In   Goal:  enable  efficient  method  for  management  of   cryptographic  keys   •  Each  Data  Writer  needs  a  key  for   –  EncrypLon   –  Message  AuthenLcaLon  Codes   –  Digital  Signature  (oen  the  PKI  cert  private  key)   •  A  Matched  Data  Reader  needs  matching  key   •  The  KeyManagent  plugin  is  responsible  for   propagaLng  the  different  Keys  to  the  authorized   readers       6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   52  
Key  Management  SPI   •  KeyManagerTokenHandle:  local  opaque  reference   to  a  previously  stored  token   •  TokenAccessTicket:  Opaque  Lcket  granLng  access   to  a  key  to  an  idenLfied  DomainParLcipant   6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   53  
Highlights   •  Generic  API  supports  custom  and  well  as  commercial   Key  Managers   •  Integrates  well  with  exisLng  DDS  mechanisms   •  Model:   –  The  KeyManager  stores  keys  (KeyTokens)  at  the  request  of   the  sender   –  The  sender  requests  a  Ticket  to  be  generated  for  to   granLng  access  to  a  KeyToken  to  a  specific  subject  Iden5ty   (DomainParLcipant).     –  The  sender  can  share  the  Ticket  with  the  intended   recipient.  This  message  does  not  need  to  be  protected   –  Upon  presentaLon  of  the  Ticket    by  the  intended  Iden5ty   the  KeyManager    gives  it  the  KeyToken.   6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   54  
Key  Management  OperaLons   Opera5on   Descrip5on   store_token() Stores a Token a cryptographic Token in the Manger retuning a KeyManagerTokenHandle that can be used to locally refer to the stored Token. get_token_acce Returns a Ticket for a previously stored Token to be used by a ss_ticket()   specified subject Identitity. The Ticket grants access to the Token only to the identity that was specified so it maybe shared in cleartext with the intended recipient.   lookup_token_h Looks up a Token given a Ticket. The KeyManager will andle() ensure that the identity of the requester is the one for whom the Ticket was intended. Returns a KeyManagerTokenHandle that can be used to locally refer to the stored Token. get_token() Retrieves a previously stored Token given its local KeyManagerTokenHandle. 6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   55  
Key  Management  Listener  OperaLons   Opera5on   Descrip5on   identity_chall Used   to   enforce   that   only   the   intended   recipient   idenLty   can   get   enge() access  to  a  stored  Token 6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   56  
Logging  (AudiLng)  Plug-­‐in   •  Goal:  Provide  mechanism  to  log  either  locally   or  centralized  all  security  events  for  audiLng   DDS  App   Secure   Audit   Plug-­‐ DB   ins   6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   57  
Data  Tagging   •  Tag  is  added  to  a  Data  Writer   •  Tag  is  propagated  over  discovery   •  The  Data  Reader  stores  the  tag  of  each  Data   Writer   •  When  the  Data  Reader  applicaLon  gets  a  data   sample,  it  can  retrieve  the  tag  associated  with   that  sample  from  the  middleware     6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   58  
Agenda   •  Background   •  Requirements   •  Threats   •  Security  Model   •  Plugins  and  SPIs   • Buil5n  Plugins   •  Status  &  Conclusion   6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   59  
BuilLn  Plugins   SPI   Buil5n  Plungin   Notes   AuthenLcaLon   SharedCA_AuthenLcaLonPlugin   Uses  PKI  with  a  pre-­‐configured   shared  CerLficate  Authority   AccessControl   SharedCA_PermissionsPlugin   Permissions  document  signed  by   shared  CerLficate  Authority   Cryptography   Crypto-­‐AES-­‐CTR-­‐HMAC     AES128  and  AES256    for  encrypLon   (in  counter  mode)   SHA1  and  SHA256  for  digest   HMAC-­‐SHA1  and  HMAC-­‐256  for   MAC   PKI  digital  signature   KeyManagement   PKI_Protected_DDS_KeyDistribuLon   Use  authorized  reader  PK  to   protect  KeyDistribuLon   Not  described  in  submission   DataTagging   Discovered_EndpointTags   Send  Tags  via  Endpoint  Discovery   Logging   DedicatedDDS_LogTopic   6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   60  
SharedCA_AuthenLcaLonPlugin  (1)   •  2048-­‐bit  RSA  x.509  CerLficates  in  combinaLon  with  a   configurable  shared  CerLficate  Authority  (CA)   •  Each  ParLcipant  is  configured  with     –  Shared  CA  described  by  self-­‐signed  cerLficate  (e.g.  PEM,   DER  formats)     –  The  ParLcipant  Private  Key  (e.g.  PEM,  DER)   –  The  ParLcipant  signed  cerLficate  from  the  CA  binding  the     •  DisLnguished  Name  for  the  parLcipant   •  ParLcipant  Public  Key   –  AuthenLcaLonToken  is  signed  cerLficate  in  PEM  format   •  All  implementable  with  openssl  toolkit   6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   61  
SharedCA_AuthenLcaLonPlugin  (2)   •  Local  idenLty  is  verified  by  presence  of  private   key  that  corresponds  with  PK  in  cerLficate   •  Remote  IdenLty  verified  via  challenge.   –  Plugin  create  a  NONCE  and  sends  as  a  challenge  to   remote  parLcipant   –  Remote  ParLcipant  Pluging  must  encrypt  NONCE   with  private  key   –  Plugin  checks  response  against  the  PublicKey  in  the   cerLficate   –  These  messages  flow  over  the  exisLng   ParLcipantMessage  builLn  Topic   6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   62  
Example  self-­‐signed  cerLficate  for  CA   CerLficate:          Data:                  Version:  1  (0x0)                  Serial  Number:                          9a:49:85:d1:3e:b9:85:04                  Signature  Algorithm:  sha1WithRSAEncrypLon                  Issuer:  C=US,  ST=MA,  L=Boston,  O=OMG,  OU=DDS  SIG,  CN=DDS  Security  Specifica5on/emailAddress=dds@omg.org                  Validity                          Not  Before:  May  31  00:11:29  2012  GMT                          Not  Aer  :  May  31  00:11:29  2013  GMT                  Subject:  C=US,  ST=MA,  L=Boston,  O=OMG,  OU=DDS  SIG,  CN=DDS  Security  Specifica5on/emailAddress=dds@omg.org                  Subject  Public  Key  Info:                          Public  Key  Algorithm:  rsaEncrypLon                          RSA  Public  Key:  (2048  bit)                                  Modulus  (2048  bit):                                          00:c5:8e:2b:3d:d1:97:a6:ce:8b:1f:91:0b:5b:1c:                                          5a:a0:60:42:b4:b8:89:35:40:de:9c:a0:51:12:25:                                          63:51:67:4c:26:8a:48:00:d0:98:0a:a0:2b:9b:ea:                                          50:9f:12:1e:9c:27:92:76:c4:38:4d:94:a1:38:37:                                          86:46:45:~:8e:b1:a4:b5:76:35:1a:6c:17:5c:05:                                          25:66:b7:f4:58:e4:6c:ad:a3:17:ef:fe:3b:ec:fa:                                          7b:60:e0:7f:9e:f3:a3:0b:a0:91:5f:ef:32:c7:d7:                                          57:37:8c:49:58:9c:be:fd:2b:b8:4c:3a:44:a0:c3:                                          6b:63:a0:ae:97:1d:bf:b0:af:09:3f:fc:ca:4d:1a:                                          8e:c4:1c:fd:db:2c:a8:20:e7:2d:61:8d:38:c3:46:                                          d5:94:0c:78:aa:17:e4:32:08:49:ed:8a:fa:b0:ce:                                          fc:bd:e4:8f:5a:53:73:b4:1c:a7:68:b4:39:b3:b3:                                          ff:~:80:ff:f3:87:ba:cc:48:5a:ed:b7:04:81:d4:                                          b5:89:48:ba:b5:3c:c3:9a:cd:6f:5a:94:ea:06:e5:                                          fa:b6:ee:ce:04:29:2a:ea:1d:54:2f:83:ef:c9:~:                                          5e:9e:ca:a7:74:c9:53:30:b7:fe:7d:e5:2b:4b:b1:                                          3a:81:9d:07:47:eb:45:02:95:79:48:d2:77:23:0b:                                          39:49                                  Exponent:  65537  (0x10001)          Signature  Algorithm:  sha1WithRSAEncrypLon                  42:96:cf:ee:95:c9:62:7c:6c:33:c9:cd:05:80:3c:99:89:32:                  54:fa:5c:3f:83:0c:87:91:f3:95:23:10:61:7c:ae:18:43:4f:                  9e:36:60:dd:bf:60:d0:2d:82:3d:56:dc:f1:cd:25:37:3d:c3:                  bd:c7:74:73:f1:fe:e1:0b:86:56:fc:82:83:71:45:e5:84:6f:                  bb:45:f9:a0:47:11:03:4a:13:7c:ed:15:24:9d:7b:5a:06:13:                  2c:15:ae:1e:98:c5:5e:cc:22:a9:2f:77:ca:2f:a7:~:82:b2:                  09:38:9d:dd:95:6e:65:e3:2b:10:e4:63:fe:30:04:b4:62:10:                  66:97:a3:ea:3d:ce:ef:83:e2:05:03:f1:7a:78:f3:6c:6c:75:                  72:f7:55:b0:3a:58:a5:4d:e7:f9:30:f8:3b:97:36:ad:fc:bc:                  93:90:de:b7:e8:bd:2d:25:5d:20:13:0b:5d:c7:64:ff:65:43:                  1b:3d:d8:5d:9f:ee:03:b7:81:a6:a9:39:ea:3a:cd:00:e2:48:                  de:2b:df:cb:76:74:45:ad:8c:00:ce:ec:06:55:5e:93:7c:68:                  3b:2f:48:e1:72:ed:1d:6e:45:33:12:b2:97:71:74:07:5d:4d:                  bd:0f:ff:c5:10:d9:fa:22:63:ab:9e:a0:44:33:c4:0f:e9:09:   2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   6/25/12   ©   63                  5d:b6:d8:05  
Example  CA  signed  ParLcipant  CerLficate   CerLficate:          Data:                  Version:  1  (0x0)                  Serial  Number:  2  (0x2)                  Signature  Algorithm:  sha1WithRSAEncrypLon                  Issuer:  C=US,  ST=MA,  L=Boston,  O=OMG,  OU=DDS  SIG,  CN=DDS  Security  Specifica5on/emailAddress=dds@omg.org                  Validity                          Not  Before:  May  31  00:43:09  2012  GMT                          Not  Aer  :  May  31  00:43:09  2013  GMT                  Subject:  C=US,  ST=CA,  L=Sunnyvale,  O=ACME  Inc.,  OU=CTO  Office,  CN=DDS  Shapes  Demo/emailAddress=cto@acme.com                  Subject  Public  Key  Info:                          Public  Key  Algorithm:  rsaEncrypLon                          RSA  Public  Key:  (2048  bit)                                  Modulus  (2048  bit):                                          00:eb:4e:24:f0:99:cd:e7:a6:2b:a8:85:af:c9:44:                                          b1:6e:fd:b1:bd:f5:9e:fa:af:a3:02:57:e5:ca:de:                                          18:d6:8f:cd:67:62:c7:61:74:41:14:b1:f3:cc:20:                                          9e:31:3c:65:c0:a8:67:c7:3c:b1:2e:50:62:d5:96:                                          9b:61:5c:d0:d1:a2:65:e6:27:51:3d:33:02:de:c0:                                          6a:79:f5:a9:6b:ff:cc:17:65:a2:8b:da:bf:7b:c2:                                          ca:15:5a:5b:71:d6:84:0f:48:9a:b4:a0:35:22:55:                                          8e:bb:de:67:09:de:41:73:ea:f9:0c:8e:2c:5f:d7:                                          06:5f:d3:3d:61:59:f9:c0:87:c4:b3:41:92:2f:7e:                                          68:8d:ba:1d:45:a4:1c:5e:4c:28:11:1f:bb:a1:95:                                          84:29:ee:dc:10:fe:fc:65:~:6d:e9:66:1a:5d:93:                                          44:51:fc:49:0c:a4:ef:51:b4:1d:4b:cd:38:19:88:                                          da:74:60:21:88:7e:8b:12:92:ec:51:f3:c2:8a:60:                                          bb:9e:b4:c5:63:dd:3d:12:1a:8c:40:ee:6a:de:1c:                                          90:4c:32:c2:c5:c3:9a:57:cc:24:~:c9:8b:08:1d:                                          de:5d:06:45:81:6d:21:c3:2e:44:9f:c7:da:19:9b:                                          cc:34:21:7a:e4:cb:13:0a:d2:87:87:dc:79:c1:8a:                                          30:ed                                  Exponent:  65537  (0x10001)          Signature  Algorithm:  sha1WithRSAEncrypLon                  7e:45:b8:01:29:ea:25:6a:02:e4:6e:e4:15:10:69:a7:68:b3:                  d5:76:46:35:b7:74:09:c8:b5:6e:bf:b4:91:f1:79:03:17:d5:                  d7:94:91:12:19:b6:49:28:cc:3f:12:9c:18:bc:5a:af:e7:ea:                  4b:d4:3d:40:de:78:9c:e3:17:3c:c7:22:e5:ae:14:b9:67:6a:                  81:8e:04:05:98:86:f5:bc:99:a5:e6:2b:b6:46:34:ae:b1:df:                  b6:65:d2:1b:43:ff:6b:d4:de:10:48:16:42:aa:c3:5f:fe:e2:                  9f:72:0c:8f:54:c1:c6:e6:95:76:d3:df:be:5d:42:2f:d6:7a:                  0a:e1:31:ee:19:55:75:cc:18:54:1f:b2:c1:df:6b:65:70:de:                  3e:31:ec:9a:70:5e:9c:44:ba:ce:6c:1e:a1:c4:b3:c1:79:cf:                  f6:2a:e5:b5:0a:40:e3:32:a9:b4:f5:68:fa:15:70:77:5b:43:                  c2:67:6d:a4:07:f8:89:1c:4c:b2:68:a4:53:56:1f:91:66:78:                  62:29:1b:19:5a:19:90:92:8a:1c:f4:d5:59:29:15:83:55:94:                  e7:e8:ed:53:21:f9:2c:30:11:21:94:44:bd:73:de:60:f1:45:                  63:e9:1c:22:3b:66:f5:9e:c7:a6:d1:d1:bb:5b:26:d0:34:de:                  c8:a2:a9:83   6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   64  
SharedCA_PermissionsPlugin  (1)   •  XML  permissions  document  signed  by  shared  CA   –  Can  be  same  CA  as  for  AuthenLcaLon   –  Can  be  new  configured  CA  via  self-­‐signed  X.509  cert     –  XML  document  specifies  the  ParLcipant’s  DisLnguished  Name  from   AuthenLcaLon  cerLficate   –  PermissionsToken  is  the  PKCS7  signature  of  the  XML  document,  signed  by  the   permissions  CA.  This  is  a  widely  supported  IETF  standard   –  PermissionsToken  sent  via  regular  DDS  Discovery  as  addiLonal  EnLtyQoS   •  Permissions  document  uses  allow/deny  syntax  to  specify  which  Topics   the  ParLcipant  can  publish  and  subscribe   –  XML  Syntax  could  be  extended  to  permissions  for  instances  creaLon  and  deleLon   –  XML  Syntax  could  be  extended  to  specify  allowed  QoS  such  as  ParLLons   –  These  are  currently  not  specifiable  in  the  plugin   •  Permissions  document  also  allows  user-­‐extensibility  via  tag/value  pairs   which  are  also  signed.   6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   65  
OMG DDS Security Standard
OMG DDS Security Standard
OMG DDS Security Standard
OMG DDS Security Standard
OMG DDS Security Standard
OMG DDS Security Standard
OMG DDS Security Standard
OMG DDS Security Standard
OMG DDS Security Standard
OMG DDS Security Standard

Recommended

Antiagregante plaquetário e anticoagulante
Antiagregante plaquetário e anticoagulanteAntiagregante plaquetário e anticoagulante
Antiagregante plaquetário e anticoagulanteresenfe2013
 
11. antivirais 27 e 28 mai
11. antivirais 27 e 28 mai11. antivirais 27 e 28 mai
11. antivirais 27 e 28 maiLuiz Gonçalves Mendes Jr
 
Capã­tulo 3 -_farmacologia_dos_vasocontritores
Capã­tulo 3 -_farmacologia_dos_vasocontritoresCapã­tulo 3 -_farmacologia_dos_vasocontritores
Capã­tulo 3 -_farmacologia_dos_vasocontritoresLucas Almeida Sá
 
DEMÊNCIA COM CORPOS DE LEWY
DEMÊNCIA COM CORPOS DE LEWYDEMÊNCIA COM CORPOS DE LEWY
DEMÊNCIA COM CORPOS DE LEWYADEMEC Ambulatório de Desordens da Memória e do
 
10 passos seguranca_paciente
10 passos seguranca_paciente10 passos seguranca_paciente
10 passos seguranca_paciente07082001
 
Drogas que atuam
Drogas que atuamDrogas que atuam
Drogas que atuamthamirys
 
Farmacoterapia pediátrica e neonatal
Farmacoterapia pediátrica e neonatalFarmacoterapia pediátrica e neonatal
Farmacoterapia pediátrica e neonatalSandra Brassica
 
Aula 13 Biomedicina
Aula 13 BiomedicinaAula 13 Biomedicina
Aula 13 BiomedicinaCaio Maximino
 

Recommended

Antiagregante plaquetário e anticoagulante
Antiagregante plaquetário e anticoagulanteAntiagregante plaquetário e anticoagulante
Antiagregante plaquetário e anticoagulanteresenfe2013
 
11. antivirais 27 e 28 mai
11. antivirais 27 e 28 mai11. antivirais 27 e 28 mai
11. antivirais 27 e 28 maiLuiz Gonçalves Mendes Jr
 
Capã­tulo 3 -_farmacologia_dos_vasocontritores
Capã­tulo 3 -_farmacologia_dos_vasocontritoresCapã­tulo 3 -_farmacologia_dos_vasocontritores
Capã­tulo 3 -_farmacologia_dos_vasocontritoresLucas Almeida Sá
 
DEMÊNCIA COM CORPOS DE LEWY
DEMÊNCIA COM CORPOS DE LEWYDEMÊNCIA COM CORPOS DE LEWY
DEMÊNCIA COM CORPOS DE LEWYADEMEC Ambulatório de Desordens da Memória e do
 
10 passos seguranca_paciente
10 passos seguranca_paciente10 passos seguranca_paciente
10 passos seguranca_paciente07082001
 
Drogas que atuam
Drogas que atuamDrogas que atuam
Drogas que atuamthamirys
 
Farmacoterapia pediátrica e neonatal
Farmacoterapia pediátrica e neonatalFarmacoterapia pediátrica e neonatal
Farmacoterapia pediátrica e neonatalSandra Brassica
 
Aula 13 Biomedicina
Aula 13 BiomedicinaAula 13 Biomedicina
Aula 13 BiomedicinaCaio Maximino
 
Mal de Parkinson(fisiopatologia)
Mal de Parkinson(fisiopatologia)Mal de Parkinson(fisiopatologia)
Mal de Parkinson(fisiopatologia)Vinicius Monteirobarreto
 
23ª aula trauma raquimedular Silvio
23ª aula trauma raquimedular Silvio23ª aula trauma raquimedular Silvio
23ª aula trauma raquimedular SilvioProf Silvio Rosa
 
Fisioterapia em Pediatria apresentação
Fisioterapia em Pediatria apresentaçãoFisioterapia em Pediatria apresentação
Fisioterapia em Pediatria apresentaçãoRita Brahim
 
Sulfonamidas e tetraciclinas
Sulfonamidas e tetraciclinasSulfonamidas e tetraciclinas
Sulfonamidas e tetraciclinasLucas Fontes
 
Uso racional de medicamentos
Uso racional de medicamentosUso racional de medicamentos
Uso racional de medicamentosPedro Azevedo
 
Desenvolvimento de Sistemas Web - Conceitos Básicos
Desenvolvimento de Sistemas Web - Conceitos BásicosDesenvolvimento de Sistemas Web - Conceitos Básicos
Desenvolvimento de Sistemas Web - Conceitos BásicosFabio Moura Pereira
 
Sistema renal e os Diuréticos que afetam a função renal
Sistema renal e os Diuréticos que afetam a função renalSistema renal e os Diuréticos que afetam a função renal
Sistema renal e os Diuréticos que afetam a função renalJackeline Olv
 
Aula - Cardiovascular - Anticoagulantes
Aula - Cardiovascular - AnticoagulantesAula - Cardiovascular - Anticoagulantes
Aula - Cardiovascular - AnticoagulantesMauro Cunha Xavier Pinto
 
Neuroanatomia
NeuroanatomiaNeuroanatomia
NeuroanatomiaVictor Nóbrega
 
Aula sobre Taxonomia de segurança_do_paciente
Aula sobre Taxonomia de segurança_do_pacienteAula sobre Taxonomia de segurança_do_paciente
Aula sobre Taxonomia de segurança_do_pacienteProqualis
 
Apostila de farmacologia 1
Apostila de farmacologia 1Apostila de farmacologia 1
Apostila de farmacologia 1Rayssa Mendonça
 
Medicamentos que atuam no sistema digestório
Medicamentos que atuam no sistema digestórioMedicamentos que atuam no sistema digestório
Medicamentos que atuam no sistema digestórioLeonardo Souza
 
Aula sobre prevenção da tromboembolia venosa
Aula sobre prevenção da tromboembolia venosaAula sobre prevenção da tromboembolia venosa
Aula sobre prevenção da tromboembolia venosaProqualis
 
Farmacologia dos Analgésicos
Farmacologia dos Analgésicos Farmacologia dos Analgésicos
Farmacologia dos Analgésicos Ricardo Augusto Tenfen Carneiro
 
Medicação sem danos: o terceiro desafio global da OMS
Medicação sem danos: o terceiro desafio global da OMSMedicação sem danos: o terceiro desafio global da OMS
Medicação sem danos: o terceiro desafio global da OMSProqualis
 
Cardiopatias congênitas cianogênicas
Cardiopatias congênitas cianogênicas Cardiopatias congênitas cianogênicas
Cardiopatias congênitas cianogênicas resenfe2013
 
Anticoagulants
AnticoagulantsAnticoagulants
AnticoagulantsCarlos D A Bersot
 
Cuidados de Enfermagem na administração de fármacos em emergência cardiológica
Cuidados de Enfermagem na administração de fármacos em emergência cardiológicaCuidados de Enfermagem na administração de fármacos em emergência cardiológica
Cuidados de Enfermagem na administração de fármacos em emergência cardiológicaresenfe2013
 
Fármacos que atuam no sistema Digestório
Fármacos que atuam no sistema DigestórioFármacos que atuam no sistema Digestório
Fármacos que atuam no sistema DigestórioSimara Alves
 
Estudo de caso: Assistência de Enfermagem ao portador de Transposição de Gran...
Estudo de caso: Assistência de Enfermagem ao portador de Transposição de Gran...Estudo de caso: Assistência de Enfermagem ao portador de Transposição de Gran...
Estudo de caso: Assistência de Enfermagem ao portador de Transposição de Gran...resenfe2013
 
DDS Security
DDS SecurityDDS Security
DDS SecurityReal-Time Innovations (RTI)
 
OMG DDS Security Submission Presentation (September 2013 - 6th Revised Submis...
OMG DDS Security Submission Presentation (September 2013 - 6th Revised Submis...OMG DDS Security Submission Presentation (September 2013 - 6th Revised Submis...
OMG DDS Security Submission Presentation (September 2013 - 6th Revised Submis...Gerardo Pardo-Castellote
 

More Related Content

What's hot

23ª aula trauma raquimedular Silvio
23ª aula trauma raquimedular Silvio23ª aula trauma raquimedular Silvio
23ª aula trauma raquimedular SilvioProf Silvio Rosa
 
Fisioterapia em Pediatria apresentação
Fisioterapia em Pediatria apresentaçãoFisioterapia em Pediatria apresentação
Fisioterapia em Pediatria apresentaçãoRita Brahim
 
Sulfonamidas e tetraciclinas
Sulfonamidas e tetraciclinasSulfonamidas e tetraciclinas
Sulfonamidas e tetraciclinasLucas Fontes
 
Uso racional de medicamentos
Uso racional de medicamentosUso racional de medicamentos
Uso racional de medicamentosPedro Azevedo
 
Desenvolvimento de Sistemas Web - Conceitos Básicos
Desenvolvimento de Sistemas Web - Conceitos BásicosDesenvolvimento de Sistemas Web - Conceitos Básicos
Desenvolvimento de Sistemas Web - Conceitos BásicosFabio Moura Pereira
 
Sistema renal e os Diuréticos que afetam a função renal
Sistema renal e os Diuréticos que afetam a função renalSistema renal e os Diuréticos que afetam a função renal
Sistema renal e os Diuréticos que afetam a função renalJackeline Olv
 
Aula sobre Taxonomia de segurança_do_paciente
Aula sobre Taxonomia de segurança_do_pacienteAula sobre Taxonomia de segurança_do_paciente
Aula sobre Taxonomia de segurança_do_pacienteProqualis
 
Apostila de farmacologia 1
Apostila de farmacologia 1Apostila de farmacologia 1
Apostila de farmacologia 1Rayssa Mendonça
 
Medicamentos que atuam no sistema digestório
Medicamentos que atuam no sistema digestórioMedicamentos que atuam no sistema digestório
Medicamentos que atuam no sistema digestórioLeonardo Souza
 
Aula sobre prevenção da tromboembolia venosa
Aula sobre prevenção da tromboembolia venosaAula sobre prevenção da tromboembolia venosa
Aula sobre prevenção da tromboembolia venosaProqualis
 
Medicação sem danos: o terceiro desafio global da OMS
Medicação sem danos: o terceiro desafio global da OMSMedicação sem danos: o terceiro desafio global da OMS
Medicação sem danos: o terceiro desafio global da OMSProqualis
 
Cardiopatias congênitas cianogênicas
Cardiopatias congênitas cianogênicas Cardiopatias congênitas cianogênicas
Cardiopatias congênitas cianogênicas resenfe2013
 
Cuidados de Enfermagem na administração de fármacos em emergência cardiológica
Cuidados de Enfermagem na administração de fármacos em emergência cardiológicaCuidados de Enfermagem na administração de fármacos em emergência cardiológica
Cuidados de Enfermagem na administração de fármacos em emergência cardiológicaresenfe2013
 
Fármacos que atuam no sistema Digestório
Fármacos que atuam no sistema DigestórioFármacos que atuam no sistema Digestório
Fármacos que atuam no sistema DigestórioSimara Alves
 
Estudo de caso: Assistência de Enfermagem ao portador de Transposição de Gran...
Estudo de caso: Assistência de Enfermagem ao portador de Transposição de Gran...Estudo de caso: Assistência de Enfermagem ao portador de Transposição de Gran...
Estudo de caso: Assistência de Enfermagem ao portador de Transposição de Gran...resenfe2013
 

What's hot (20)

Mal de Parkinson(fisiopatologia)
Mal de Parkinson(fisiopatologia)Mal de Parkinson(fisiopatologia)
Mal de Parkinson(fisiopatologia)
 
23ª aula trauma raquimedular Silvio
23ª aula trauma raquimedular Silvio23ª aula trauma raquimedular Silvio
23ª aula trauma raquimedular Silvio
 
Fisioterapia em Pediatria apresentação
Fisioterapia em Pediatria apresentaçãoFisioterapia em Pediatria apresentação
Fisioterapia em Pediatria apresentação
 
Sulfonamidas e tetraciclinas
Sulfonamidas e tetraciclinasSulfonamidas e tetraciclinas
Sulfonamidas e tetraciclinas
 
Uso racional de medicamentos
Uso racional de medicamentosUso racional de medicamentos
Uso racional de medicamentos
 
Desenvolvimento de Sistemas Web - Conceitos Básicos
Desenvolvimento de Sistemas Web - Conceitos BásicosDesenvolvimento de Sistemas Web - Conceitos Básicos
Desenvolvimento de Sistemas Web - Conceitos Básicos
 
Sistema renal e os Diuréticos que afetam a função renal
Sistema renal e os Diuréticos que afetam a função renalSistema renal e os Diuréticos que afetam a função renal
Sistema renal e os Diuréticos que afetam a função renal
 
Aula - Cardiovascular - Anticoagulantes
Aula - Cardiovascular - AnticoagulantesAula - Cardiovascular - Anticoagulantes
Aula - Cardiovascular - Anticoagulantes
 
Neuroanatomia
NeuroanatomiaNeuroanatomia
Neuroanatomia
 
Aula sobre Taxonomia de segurança_do_paciente
Aula sobre Taxonomia de segurança_do_pacienteAula sobre Taxonomia de segurança_do_paciente
Aula sobre Taxonomia de segurança_do_paciente
 
Apostila de farmacologia 1
Apostila de farmacologia 1Apostila de farmacologia 1
Apostila de farmacologia 1
 
Medicamentos que atuam no sistema digestório
Medicamentos que atuam no sistema digestórioMedicamentos que atuam no sistema digestório
Medicamentos que atuam no sistema digestório
 
Aula sobre prevenção da tromboembolia venosa
Aula sobre prevenção da tromboembolia venosaAula sobre prevenção da tromboembolia venosa
Aula sobre prevenção da tromboembolia venosa
 
Farmacologia dos Analgésicos
Farmacologia dos Analgésicos Farmacologia dos Analgésicos
Farmacologia dos Analgésicos
 
Medicação sem danos: o terceiro desafio global da OMS
Medicação sem danos: o terceiro desafio global da OMSMedicação sem danos: o terceiro desafio global da OMS
Medicação sem danos: o terceiro desafio global da OMS
 
Cardiopatias congênitas cianogênicas
Cardiopatias congênitas cianogênicas Cardiopatias congênitas cianogênicas
Cardiopatias congênitas cianogênicas
 
Anticoagulants
AnticoagulantsAnticoagulants
Anticoagulants
 
Cuidados de Enfermagem na administração de fármacos em emergência cardiológica
Cuidados de Enfermagem na administração de fármacos em emergência cardiológicaCuidados de Enfermagem na administração de fármacos em emergência cardiológica
Cuidados de Enfermagem na administração de fármacos em emergência cardiológica
 
Fármacos que atuam no sistema Digestório
Fármacos que atuam no sistema DigestórioFármacos que atuam no sistema Digestório
Fármacos que atuam no sistema Digestório
 
Estudo de caso: Assistência de Enfermagem ao portador de Transposição de Gran...
Estudo de caso: Assistência de Enfermagem ao portador de Transposição de Gran...Estudo de caso: Assistência de Enfermagem ao portador de Transposição de Gran...
Estudo de caso: Assistência de Enfermagem ao portador de Transposição de Gran...
 

Viewers also liked

OMG DDS Security Submission Presentation (September 2013 - 6th Revised Submis...
OMG DDS Security Submission Presentation (September 2013 - 6th Revised Submis...OMG DDS Security Submission Presentation (September 2013 - 6th Revised Submis...
OMG DDS Security Submission Presentation (September 2013 - 6th Revised Submis...Gerardo Pardo-Castellote
 
DDS Security for the Industrial Internet - London Connext DDS Conference
DDS Security for the Industrial Internet - London Connext DDS ConferenceDDS Security for the Industrial Internet - London Connext DDS Conference
DDS Security for the Industrial Internet - London Connext DDS ConferenceGerardo Pardo-Castellote
 
Hello World in OMG DDS and ZeroMQ
Hello World in OMG DDS and ZeroMQHello World in OMG DDS and ZeroMQ
Hello World in OMG DDS and ZeroMQSander Mertens
 
Practical Security with MQTT and Mosquitto
Practical Security with MQTT and MosquittoPractical Security with MQTT and Mosquitto
Practical Security with MQTT and Mosquittonbarendt
 
Securing MQTT - BuildingIoT 2016 slides
Securing MQTT - BuildingIoT 2016 slidesSecuring MQTT - BuildingIoT 2016 slides
Securing MQTT - BuildingIoT 2016 slidesDominik Obermaier
 
MQTT - A practical protocol for the Internet of Things
MQTT - A practical protocol for the Internet of ThingsMQTT - A practical protocol for the Internet of Things
MQTT - A practical protocol for the Internet of ThingsBryan Boyd
 
OMG DDS: The Data Distribution Service for Real-Time Systems
OMG DDS: The Data Distribution Service for Real-Time SystemsOMG DDS: The Data Distribution Service for Real-Time Systems
OMG DDS: The Data Distribution Service for Real-Time SystemsAngelo Corsaro
 
The Data Distribution Service Tutorial
The Data Distribution Service TutorialThe Data Distribution Service Tutorial
The Data Distribution Service TutorialAngelo Corsaro
 
DDS for JMS Programmers
DDS for JMS ProgrammersDDS for JMS Programmers
DDS for JMS ProgrammersAngelo Corsaro
 
DDS in Action -- Part I
DDS in Action -- Part IDDS in Action -- Part I
DDS in Action -- Part IAngelo Corsaro
 

Viewers also liked (15)

DDS Security
DDS SecurityDDS Security
DDS Security
 
OMG DDS Security Submission Presentation (September 2013 - 6th Revised Submis...
OMG DDS Security Submission Presentation (September 2013 - 6th Revised Submis...OMG DDS Security Submission Presentation (September 2013 - 6th Revised Submis...
OMG DDS Security Submission Presentation (September 2013 - 6th Revised Submis...
 
OMG DDS Security. 4th Revised Submission
OMG DDS Security. 4th Revised SubmissionOMG DDS Security. 4th Revised Submission
OMG DDS Security. 4th Revised Submission
 
DDS Security for the Industrial Internet - London Connext DDS Conference
DDS Security for the Industrial Internet - London Connext DDS ConferenceDDS Security for the Industrial Internet - London Connext DDS Conference
DDS Security for the Industrial Internet - London Connext DDS Conference
 
Hello World in OMG DDS and ZeroMQ
Hello World in OMG DDS and ZeroMQHello World in OMG DDS and ZeroMQ
Hello World in OMG DDS and ZeroMQ
 
Practical Security with MQTT and Mosquitto
Practical Security with MQTT and MosquittoPractical Security with MQTT and Mosquitto
Practical Security with MQTT and Mosquitto
 
Securing MQTT - BuildingIoT 2016 slides
Securing MQTT - BuildingIoT 2016 slidesSecuring MQTT - BuildingIoT 2016 slides
Securing MQTT - BuildingIoT 2016 slides
 
MQTT - A practical protocol for the Internet of Things
MQTT - A practical protocol for the Internet of ThingsMQTT - A practical protocol for the Internet of Things
MQTT - A practical protocol for the Internet of Things
 
20 Hot Location-Based Apps and Services You Should Know About
20 Hot Location-Based Apps and Services You Should Know About20 Hot Location-Based Apps and Services You Should Know About
20 Hot Location-Based Apps and Services You Should Know About
 
DDS Security
DDS SecurityDDS Security
DDS Security
 
OMG DDS: The Data Distribution Service for Real-Time Systems
OMG DDS: The Data Distribution Service for Real-Time SystemsOMG DDS: The Data Distribution Service for Real-Time Systems
OMG DDS: The Data Distribution Service for Real-Time Systems
 
The Data Distribution Service Tutorial
The Data Distribution Service TutorialThe Data Distribution Service Tutorial
The Data Distribution Service Tutorial
 
DDS Made Simple
DDS Made SimpleDDS Made Simple
DDS Made Simple
 
DDS for JMS Programmers
DDS for JMS ProgrammersDDS for JMS Programmers
DDS for JMS Programmers
 
DDS in Action -- Part I
DDS in Action -- Part IDDS in Action -- Part I
DDS in Action -- Part I
 

Similar to OMG DDS Security Standard

Cloud Security: A New Perspective
Cloud Security: A New PerspectiveCloud Security: A New Perspective
Cloud Security: A New PerspectiveWen-Pai Lu
 
Webinar: Cloud Data Masking - Tips to Test Software Securely
Webinar: Cloud Data Masking - Tips to Test Software Securely Webinar: Cloud Data Masking - Tips to Test Software Securely
Webinar: Cloud Data Masking - Tips to Test Software Securely Skytap Cloud
 
Secure Your Data with Fidelis Network® for DLP
Secure Your Data with Fidelis Network® for DLPSecure Your Data with Fidelis Network® for DLP
Secure Your Data with Fidelis Network® for DLPFidelis Cybersecurity
 
Zenith Infotech Mirror Cloud Presentation. 112211
Zenith Infotech Mirror Cloud Presentation. 112211Zenith Infotech Mirror Cloud Presentation. 112211
Zenith Infotech Mirror Cloud Presentation. 112211hdmchughgmailcom
 
MT82 IoT Security Starts at Edge
MT82 IoT Security Starts at EdgeMT82 IoT Security Starts at Edge
MT82 IoT Security Starts at EdgeDell EMC World
 
CipherCloud for Salesforce - Solution Overview
CipherCloud for Salesforce - Solution OverviewCipherCloud for Salesforce - Solution Overview
CipherCloud for Salesforce - Solution OverviewCipherCloud
 
Oracle here. now. your choice.
Oracle here. now. your choice.Oracle here. now. your choice.
Oracle here. now. your choice.CIOEastAfrica
 
Oracle OpenWorld | CON9707 Enterprise Mobile Security Architecture beyond the...
Oracle OpenWorld | CON9707 Enterprise Mobile Security Architecture beyond the...Oracle OpenWorld | CON9707 Enterprise Mobile Security Architecture beyond the...
Oracle OpenWorld | CON9707 Enterprise Mobile Security Architecture beyond the...Indus Khaitan
 
Top Strategies to Capture Security Intelligence for Applications
Top Strategies to Capture Security Intelligence for ApplicationsTop Strategies to Capture Security Intelligence for Applications
Top Strategies to Capture Security Intelligence for ApplicationsDenim Group
 
Shedding Light on Shadow IT for File Sharing
Shedding Light on Shadow IT for File SharingShedding Light on Shadow IT for File Sharing
Shedding Light on Shadow IT for File SharingCipherCloud
 
Palo alto networks product overview
Palo alto networks product overviewPalo alto networks product overview
Palo alto networks product overviewBelsoft
 
Cross Domain Cyber Situational Awareness in a Multi Cloud, Multi-Network Fede...
Cross Domain Cyber Situational Awareness in a Multi Cloud, Multi-Network Fede...Cross Domain Cyber Situational Awareness in a Multi Cloud, Multi-Network Fede...
Cross Domain Cyber Situational Awareness in a Multi Cloud, Multi-Network Fede...SolarWinds
 
CipherCloud for Any App
CipherCloud for Any AppCipherCloud for Any App
CipherCloud for Any AppCipherCloud
 
Oracle-Security_Executive-Presentation
Oracle-Security_Executive-PresentationOracle-Security_Executive-Presentation
Oracle-Security_Executive-Presentationstefanjung
 
CONFidence2015: Real World Threat Hunting - Martin Nystrom
CONFidence2015: Real World Threat Hunting - Martin NystromCONFidence2015: Real World Threat Hunting - Martin Nystrom
CONFidence2015: Real World Threat Hunting - Martin NystromPROIDEA
 
Do you Know Where Your Data Is? - Accellion InfoSec World 2013 Conference pre...
Do you Know Where Your Data Is? - Accellion InfoSec World 2013 Conference pre...Do you Know Where Your Data Is? - Accellion InfoSec World 2013 Conference pre...
Do you Know Where Your Data Is? - Accellion InfoSec World 2013 Conference pre...Proofpoint
 
Identity-Based Distributed Provable Data Possession in Multicloud Storage
Identity-Based Distributed Provable Data Possession in Multicloud StorageIdentity-Based Distributed Provable Data Possession in Multicloud Storage
Identity-Based Distributed Provable Data Possession in Multicloud Storage1crore projects
 
Governance and Security in Cloud and Mobile Apps
Governance and Security in Cloud and Mobile AppsGovernance and Security in Cloud and Mobile Apps
Governance and Security in Cloud and Mobile AppsMichael Scheidell
 

Similar to OMG DDS Security Standard (20)

OMG DDS Security, 3rd revised submission
OMG DDS Security, 3rd revised submissionOMG DDS Security, 3rd revised submission
OMG DDS Security, 3rd revised submission
 
Cloud Security: A New Perspective
Cloud Security: A New PerspectiveCloud Security: A New Perspective
Cloud Security: A New Perspective
 
Webinar: Cloud Data Masking - Tips to Test Software Securely
Webinar: Cloud Data Masking - Tips to Test Software Securely Webinar: Cloud Data Masking - Tips to Test Software Securely
Webinar: Cloud Data Masking - Tips to Test Software Securely
 
Secure Your Data with Fidelis Network® for DLP
Secure Your Data with Fidelis Network® for DLPSecure Your Data with Fidelis Network® for DLP
Secure Your Data with Fidelis Network® for DLP
 
Zenith Infotech Mirror Cloud Presentation. 112211
Zenith Infotech Mirror Cloud Presentation. 112211Zenith Infotech Mirror Cloud Presentation. 112211
Zenith Infotech Mirror Cloud Presentation. 112211
 
5787355.ppt
5787355.ppt5787355.ppt
5787355.ppt
 
MT82 IoT Security Starts at Edge
MT82 IoT Security Starts at EdgeMT82 IoT Security Starts at Edge
MT82 IoT Security Starts at Edge
 
CipherCloud for Salesforce - Solution Overview
CipherCloud for Salesforce - Solution OverviewCipherCloud for Salesforce - Solution Overview
CipherCloud for Salesforce - Solution Overview
 
Oracle here. now. your choice.
Oracle here. now. your choice.Oracle here. now. your choice.
Oracle here. now. your choice.
 
Oracle OpenWorld | CON9707 Enterprise Mobile Security Architecture beyond the...
Oracle OpenWorld | CON9707 Enterprise Mobile Security Architecture beyond the...Oracle OpenWorld | CON9707 Enterprise Mobile Security Architecture beyond the...
Oracle OpenWorld | CON9707 Enterprise Mobile Security Architecture beyond the...
 
Top Strategies to Capture Security Intelligence for Applications
Top Strategies to Capture Security Intelligence for ApplicationsTop Strategies to Capture Security Intelligence for Applications
Top Strategies to Capture Security Intelligence for Applications
 
Shedding Light on Shadow IT for File Sharing
Shedding Light on Shadow IT for File SharingShedding Light on Shadow IT for File Sharing
Shedding Light on Shadow IT for File Sharing
 
Palo alto networks product overview
Palo alto networks product overviewPalo alto networks product overview
Palo alto networks product overview
 
Cross Domain Cyber Situational Awareness in a Multi Cloud, Multi-Network Fede...
Cross Domain Cyber Situational Awareness in a Multi Cloud, Multi-Network Fede...Cross Domain Cyber Situational Awareness in a Multi Cloud, Multi-Network Fede...
Cross Domain Cyber Situational Awareness in a Multi Cloud, Multi-Network Fede...
 
CipherCloud for Any App
CipherCloud for Any AppCipherCloud for Any App
CipherCloud for Any App
 
Oracle-Security_Executive-Presentation
Oracle-Security_Executive-PresentationOracle-Security_Executive-Presentation
Oracle-Security_Executive-Presentation
 
CONFidence2015: Real World Threat Hunting - Martin Nystrom
CONFidence2015: Real World Threat Hunting - Martin NystromCONFidence2015: Real World Threat Hunting - Martin Nystrom
CONFidence2015: Real World Threat Hunting - Martin Nystrom
 
Do you Know Where Your Data Is? - Accellion InfoSec World 2013 Conference pre...
Do you Know Where Your Data Is? - Accellion InfoSec World 2013 Conference pre...Do you Know Where Your Data Is? - Accellion InfoSec World 2013 Conference pre...
Do you Know Where Your Data Is? - Accellion InfoSec World 2013 Conference pre...
 
Identity-Based Distributed Provable Data Possession in Multicloud Storage
Identity-Based Distributed Provable Data Possession in Multicloud StorageIdentity-Based Distributed Provable Data Possession in Multicloud Storage
Identity-Based Distributed Provable Data Possession in Multicloud Storage
 
Governance and Security in Cloud and Mobile Apps
Governance and Security in Cloud and Mobile AppsGovernance and Security in Cloud and Mobile Apps
Governance and Security in Cloud and Mobile Apps
 

More from Gerardo Pardo-Castellote

DDS, the US Navy, and the Need for Distributed Software
DDS, the US Navy, and the Need for Distributed SoftwareDDS, the US Navy, and the Need for Distributed Software
DDS, the US Navy, and the Need for Distributed SoftwareGerardo Pardo-Castellote
 
Introduction to DDS: Context, Information Model, Security, and Applications.
Introduction to DDS: Context, Information Model, Security, and Applications.Introduction to DDS: Context, Information Model, Security, and Applications.
Introduction to DDS: Context, Information Model, Security, and Applications.Gerardo Pardo-Castellote
 
A Converged Approach to Standards for Industrial Automation
A Converged Approach to Standards for Industrial AutomationA Converged Approach to Standards for Industrial Automation
A Converged Approach to Standards for Industrial AutomationGerardo Pardo-Castellote
 
DDS-Security Interoperability Demo - March 2018
DDS-Security Interoperability Demo - March 2018DDS-Security Interoperability Demo - March 2018
DDS-Security Interoperability Demo - March 2018Gerardo Pardo-Castellote
 
Applying MBSE to the Industrial IoT: Using SysML with Connext DDS and Simulink
Applying MBSE to the Industrial IoT: Using SysML with Connext DDS and SimulinkApplying MBSE to the Industrial IoT: Using SysML with Connext DDS and Simulink
Applying MBSE to the Industrial IoT: Using SysML with Connext DDS and SimulinkGerardo Pardo-Castellote
 
Deep Dive into the OPC UA / DDS Gateway Specification
Deep Dive into the OPC UA / DDS Gateway SpecificationDeep Dive into the OPC UA / DDS Gateway Specification
Deep Dive into the OPC UA / DDS Gateway SpecificationGerardo Pardo-Castellote
 
DDS for eXtremely Resource Constrained Environments 1.0 Beta
DDS for eXtremely Resource Constrained Environments 1.0 BetaDDS for eXtremely Resource Constrained Environments 1.0 Beta
DDS for eXtremely Resource Constrained Environments 1.0 BetaGerardo Pardo-Castellote
 
DDS-Security Interoperability Demo - December 2017
DDS-Security Interoperability Demo - December 2017DDS-Security Interoperability Demo - December 2017
DDS-Security Interoperability Demo - December 2017Gerardo Pardo-Castellote
 
DDS-Security Interoperability Demo - September 2017
DDS-Security Interoperability Demo - September 2017DDS-Security Interoperability Demo - September 2017
DDS-Security Interoperability Demo - September 2017Gerardo Pardo-Castellote
 
Extensible Types for DDS (DDS-XTYPES) version 1.2
Extensible Types for DDS (DDS-XTYPES) version 1.2Extensible Types for DDS (DDS-XTYPES) version 1.2
Extensible Types for DDS (DDS-XTYPES) version 1.2Gerardo Pardo-Castellote
 
Interface Definition Language (IDL) version 4.2
Interface Definition Language (IDL) version 4.2 Interface Definition Language (IDL) version 4.2
Interface Definition Language (IDL) version 4.2 Gerardo Pardo-Castellote
 
DDS for eXtremely Resource Constrained Environments
DDS for eXtremely Resource Constrained EnvironmentsDDS for eXtremely Resource Constrained Environments
DDS for eXtremely Resource Constrained EnvironmentsGerardo Pardo-Castellote
 
DDS-XRCE - Revised Submission Presentation (September 2017)
DDS-XRCE - Revised Submission Presentation (September 2017)DDS-XRCE - Revised Submission Presentation (September 2017)
DDS-XRCE - Revised Submission Presentation (September 2017)Gerardo Pardo-Castellote
 
DDS-XRCE (Extremely Resource Constrained Environments)
DDS-XRCE (Extremely Resource Constrained Environments)DDS-XRCE (Extremely Resource Constrained Environments)
DDS-XRCE (Extremely Resource Constrained Environments)Gerardo Pardo-Castellote
 
DDS - The Proven Data Connectivity Standard for the Industrial IoT (IIoT)
DDS - The Proven Data Connectivity Standard for the Industrial IoT (IIoT)DDS - The Proven Data Connectivity Standard for the Industrial IoT (IIoT)
DDS - The Proven Data Connectivity Standard for the Industrial IoT (IIoT)Gerardo Pardo-Castellote
 

More from Gerardo Pardo-Castellote (20)

DDS, the US Navy, and the Need for Distributed Software
DDS, the US Navy, and the Need for Distributed SoftwareDDS, the US Navy, and the Need for Distributed Software
DDS, the US Navy, and the Need for Distributed Software
 
Introduction to DDS: Context, Information Model, Security, and Applications.
Introduction to DDS: Context, Information Model, Security, and Applications.Introduction to DDS: Context, Information Model, Security, and Applications.
Introduction to DDS: Context, Information Model, Security, and Applications.
 
DDS-TSN OMG Request for Proposals (RFP)
DDS-TSN OMG Request for Proposals (RFP)DDS-TSN OMG Request for Proposals (RFP)
DDS-TSN OMG Request for Proposals (RFP)
 
A Converged Approach to Standards for Industrial Automation
A Converged Approach to Standards for Industrial AutomationA Converged Approach to Standards for Industrial Automation
A Converged Approach to Standards for Industrial Automation
 
Overview of the DDS-XRCE specification
Overview of the DDS-XRCE specificationOverview of the DDS-XRCE specification
Overview of the DDS-XRCE specification
 
DDS-Security Interoperability Demo - March 2018
DDS-Security Interoperability Demo - March 2018DDS-Security Interoperability Demo - March 2018
DDS-Security Interoperability Demo - March 2018
 
Applying MBSE to the Industrial IoT: Using SysML with Connext DDS and Simulink
Applying MBSE to the Industrial IoT: Using SysML with Connext DDS and SimulinkApplying MBSE to the Industrial IoT: Using SysML with Connext DDS and Simulink
Applying MBSE to the Industrial IoT: Using SysML with Connext DDS and Simulink
 
Deep Dive into the OPC UA / DDS Gateway Specification
Deep Dive into the OPC UA / DDS Gateway SpecificationDeep Dive into the OPC UA / DDS Gateway Specification
Deep Dive into the OPC UA / DDS Gateway Specification
 
OPC UA/DDS Gateway version 1.0 Beta
OPC UA/DDS Gateway version 1.0 BetaOPC UA/DDS Gateway version 1.0 Beta
OPC UA/DDS Gateway version 1.0 Beta
 
DDS for eXtremely Resource Constrained Environments 1.0 Beta
DDS for eXtremely Resource Constrained Environments 1.0 BetaDDS for eXtremely Resource Constrained Environments 1.0 Beta
DDS for eXtremely Resource Constrained Environments 1.0 Beta
 
DDS-Security Interoperability Demo - December 2017
DDS-Security Interoperability Demo - December 2017DDS-Security Interoperability Demo - December 2017
DDS-Security Interoperability Demo - December 2017
 
DDS-Security Interoperability Demo - September 2017
DDS-Security Interoperability Demo - September 2017DDS-Security Interoperability Demo - September 2017
DDS-Security Interoperability Demo - September 2017
 
Extensible Types for DDS (DDS-XTYPES) version 1.2
Extensible Types for DDS (DDS-XTYPES) version 1.2Extensible Types for DDS (DDS-XTYPES) version 1.2
Extensible Types for DDS (DDS-XTYPES) version 1.2
 
DDS-Security version 1.1
DDS-Security version 1.1DDS-Security version 1.1
DDS-Security version 1.1
 
Interface Definition Language (IDL) version 4.2
Interface Definition Language (IDL) version 4.2 Interface Definition Language (IDL) version 4.2
Interface Definition Language (IDL) version 4.2
 
DDS Security Specification version 1.0
DDS Security Specification version 1.0DDS Security Specification version 1.0
DDS Security Specification version 1.0
 
DDS for eXtremely Resource Constrained Environments
DDS for eXtremely Resource Constrained EnvironmentsDDS for eXtremely Resource Constrained Environments
DDS for eXtremely Resource Constrained Environments
 
DDS-XRCE - Revised Submission Presentation (September 2017)
DDS-XRCE - Revised Submission Presentation (September 2017)DDS-XRCE - Revised Submission Presentation (September 2017)
DDS-XRCE - Revised Submission Presentation (September 2017)
 
DDS-XRCE (Extremely Resource Constrained Environments)
DDS-XRCE (Extremely Resource Constrained Environments)DDS-XRCE (Extremely Resource Constrained Environments)
DDS-XRCE (Extremely Resource Constrained Environments)
 
DDS - The Proven Data Connectivity Standard for the Industrial IoT (IIoT)
DDS - The Proven Data Connectivity Standard for the Industrial IoT (IIoT)DDS - The Proven Data Connectivity Standard for the Industrial IoT (IIoT)
DDS - The Proven Data Connectivity Standard for the Industrial IoT (IIoT)
 

Recently uploaded

What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfMounikaPolabathina
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyAlfredo García Lavilla
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxLoriGlavin3
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 
Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersGenerative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersRaghuram Pandurangan
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek SchlawackFwdays
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024Stephanie Beckett
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLScyllaDB
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteDianaGray10
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 

Recently uploaded (20)

What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdf
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easy
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 
Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersGenerative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information Developers
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 

OMG DDS Security Standard

  • 1. Your  systems.  Working  as  one.   DDS  SECURITY   Revised  Submission   Doc  num:  mars/2012-­‐06-­‐15   SubmiMer:   Gerardo  Pardo-­‐Castellote,  Ph.D.   Real-­‐Time  InnovaLons,  Inc.   CTO,  Real-­‐Time  InnovaLons,  Inc.   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved  
  • 2. Agenda   •  Background   •  Requirements   •  Threats   •  Security  Model   •  Plugins  and  SPIs   •  BuilLn  Plugins   •  Status  &  Conclusion   6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   2  
  • 3. Security  Terms:  a  Safe-­‐Deposit  Box   •  AuthenLcaLon:  The  bank  knows  who  you  are;  you   must  show  ID.   •  Access  Control:  The  bank  only  lets  those  on  an   access  list  into  your  box.   •  ConfidenLality:  You  are  alone  in  the  room  Nobody   can  see  the  contents  of  the  box.   •  Integrity:    The  box  is  sealed.  If  anybody  touches  it   you  will  know.   •  Non  repudiaLon:  You  sign  when  you  come  in  and   out  so  you  can’t  claim  that  you  weren’t  there.   •  Availability:  The  bank  is  always  open.     6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   33
  • 4. Security  as  a  system  problem   •  UlLmately  security  is  a  system  property   –  Involves  hardware,  soware,  humans,   procedures…   •  Most  directly  related:   Scope  of   1.  Securing  the  data-­‐cenLrc  bus   the  RFP   2.  IntegraLng  across  security  domains   Out   3.  Securing  the  operaLng  system   of  Scope   4.  Securing  the  hardware  &  soware   configuraLon   6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   4  
  • 5. Three  security  boundaries   Ul5mately  you  need  to  implement  the  3  of  them   •  Boundary  security   •  Transport-­‐Level     –  Network  (layer  3)  security   –  Session  (layer  4/5)  security   •  Fine-­‐grained  Data-­‐Centric   Security   Scope  of  the  DDS  Security  RFP   6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   5  
  • 6. Fine-­‐Grained  Data-­‐Centric  Security   Topics   •  Access  control  per  Topic   •  Read  versus-­‐write  permissions   •  Field-­‐specific  permissions   6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   6  
  • 7. Data  Security  Example:  UAV   Topics   Authen5ca5on   Access   Integrity   Non-­‐ Confiden5ality   Control   repudia5on   UAV  health   X   X   data   Remote   X   X   X   X   X   commands   Sensor  Data   X   X   X   X   6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   7  
  • 8. Agenda   •  Background   • Requirements   •  Threats   •  Security  Model   •  Plugins  and  SPIs   •  BuilLn  Plugins   •  Status  &  Conclusion   6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   8  
  • 9. RFP  Mandatory  Requirements   Proposals  shall  define  …   6.5.1    …  a  Plahorm  Independent  Security  Model  for  DDS     independent  of  the  programming  language  used…   6.5.2    …  a  collecLon  of  Plahorm  Independent  IntercepLon   Points  and    SPIs  …   6.5.3  …    built-­‐in  Plahorm  Independent  Security  Plugins  that   implement  the  Plahorm  Independent  Interfaces   6.5.4    …  plahorm  specific  mappings  for  the  built-­‐in  plugins  to   all  the  language  PSMs  supported  by  DDS   6.5.5  …    how  the  DDS  Interoperability  Wire  Protocol  is  used   to  allow  DDS  applicaLons  to  interoperate  securely   6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   9  
  • 10. Mandatory  Requirements  6.5.1:   Security  Model   The  Security  Model  for  DDS  shall  …   6.5.1.1    …  support  mechanisms  that  establish  the  ability  for  a  DDS  ParLcipant  to  run  in  a   plahorm   6.5.1.2    …  support  mechanisms  to  configure  and  access  the  credenLals  of  the  underlying   DDS  ParLcipants  …   6.5.1.3  …    allow  specificaLon  of  authorizaLon  policies,  controlling    [1]  Joining  a  DDS  Domain    [2]  Access  to  DDS  Discovery  Data    [3]  Publishing  a  DDS  Topic,    [4]  Subscribing  to  a  DDS  Topic    [5]  Publishing  on  a  DDS  ParLLon,  [6]  Subscribing  on  a  DDS  ParLLon   6.5.1.4    …  include  the  concept  of  data  tagging   6.5.1.5  …    support  mechanism  for  ensuring  data  integrity,  including    [1]  traceability,  pedigree,  and  tamper    [2]  digital  signatures    [3]  data  encrypLon    [4]  use  of  different  keys  for  data  from  different  DataWriters   6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   10  
  • 11. Mandatory  Requirements  6.5.2:     Set  of  IntercepLon  Points  and  SPIs   The  Plugin  SPIs  shall  …   6.5.2.1    …  allow  applicaLons  to  exchange  credenLals  with  a  DDS  ParLcipant    [1]  exchanging  credenLals  for  authenLcaLon    [2]  delegaLon  of  authority  for  authenLcaLon   6.5.2.2    …  allow  an  external  plugin  to  perform  all  the  authorizaLon  funcLons      [1]  full  support  of  the  authorizaLon  policies    [3]  support  delegaLon  of  authority    [4]  support  delegaLon  of  authority  separately  for  each  DDS  Topic   6.5.2.3  …    allow  an  external  plugin  to  perform  all  the  tagging  and  tag-­‐accessing  funcLons   6.5.2.4    …  allow  an  external  plugin  to  perform  all  the  encrypLon  and  decrypLon   funcLons   6.5.2.5  …    external  plugin  to  perform  all  the  digital  signing  and  verificaLon  funcLons   6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   11  
  • 12. RFP  OpLonal  Requirements   Proposals  may  define  authorizaLon  policies  that  control    …   6.6.1  …  the  content  a  DDS  ParLcipant  is  allowed  to  publish  on  a  Topic.   6.6.2  …  the  content  a  DDS  ParLcipant  is  allowed  to  subscribe  on  a  Topic..   6.6.3  …  the  QoS  Policies  a  DDS  ParLcipants  can  use  when  publishing  a  Topic   6.6.4  …  the  QoS  Policies  a  DDS  ParLcipant  can  use  when  subscribing  to  a   Topic.   Proposals  may  define  …   6.6.5  …  data-­‐tagging  plugins  that  apply  different  tags  for  each  data-­‐sample   published  by  a  DDS  DataWriter.   6.6.6  …  built-­‐in  plugins  that  interoperate  with  standard  authenLcaLon  and   authorizaLon  protocols  and  services,  such  as,  LDAP  and  SAML.   6.6.7  …  a  PSM  mapping  of  the  DDS-­‐RTPS  Interoperability  Wire  Protocol  to  a   secure  transport,  such  as,  DTLS.   6.6.8  …  a  PSM  of  the  DDS-­‐RTPS  Interoperability  Wire  Protocol  allowing   interoperability  over  UnidirecLonal  Transports.   6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   12  
  • 13. Agenda   •  Background   •  Requirements   • Threats   •  Security  Model   •  BuilLn  Plugins   •  Plugins  and  SPIs   •  Status  &  Conclusion   6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   13  
  • 14. Threats   Alice:  Allowed  to  publish  topic  T   1.  Unauthorized  subscripLon   Bob:  Allowed  to  subscribe  to  topic  T   Eve:  Non-­‐authorized  eavesdropper     2.  Unauthorized  publicaLon   Trudy:  Intruder   3.  Tampering  and  replay     Trent:  Trusted  infrastructure  service   Mallory:  Malicious  insider   4.  Unauthorized  access  to  data   by  infrastructure  services     6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   14  
  • 15. Data-­‐centric/mulLcast  Insider  Threats     •  Two  insider  threats  affecLng  (mulLcast)  data-­‐ centric  systems  are  of  unique  significance   1.  Reader  mis-­‐behaves  as  unauthorized  writer   An  applicaLon  uses  knowledge  gained  as  authorized   reader  to  spoof  the  system  as  a  writer   2.  Compromise  of  Infrastructure  Service     A  service  that  is  trusted  to  read  and  write  data  on  behalf   of  others  (e.g.  a    persistence  service  )  becomes   compromised     6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   15  
  • 16. Reader  mis-­‐behaves  as  unauthorized   writer   •  SituaLon:   –  Alice  -­‐    creates  a  Crypto  Key  per  Topic/DataWriter   –  Alice  -­‐  shares  its  Key  with  all  intended  readers  as  needed  to  mulLcast   –  Mallory  –  is  an  authorized  reader  so  it  has  Alice’s  key   –  Mallory  –  behaves  maliciously  and  uses  Alice’s  key  to  create  fake  UDP  messages  purng   Alice’s  informaLon  (IP,  Port,  GUIDs,  etc.)  but  with  bad  data.   •  ImplicaLons:   –  Bob  sees  message  from  Mallory  and  processes  it  believing  it  is  from  Alice   –  Mallory  can  provide  a  system-­‐wide  failure  for  all  subscribers  to  topic  T,  making  them  process   wrong  data,  delete  instances,     –  Depending  on  the  Topic  this  can  be  catastrophic  for  the  system   •  Notes:   –  The  problem  is  that  all  secrets  shared  by  Alice  and  Bob  are  also  known    to  Mallory   •  So  the  aMack  cannot  be  solved  with  a  MAC  or  HMAC  if  Alice’s  key  is  also  shared  with  all  readers…   –  The  problem  can  be  solved  with  a  digital  signature  but  that  is  1000X  slower  than  a  MAC   6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   16  
  • 17. Compromise  of  Infrastructure  Service  (2)     UDP   RTPS   SubMsg   DATA   SubMsg   DATA   Hdr   Hdr   Hdr(T1)   (T1)   Hdr(T2)   (T2)   •  SituaLon:   –  Alice  creates  a  Crypto  Key  to  write  topic  T   MAC  +  EncrypLon   –  Alice  encrypts  the  whole  RTPS  sub-­‐message  related  to  topic  T   –  Trent  is  an  infrastructure  (e.g.  relay)  that  must  store  and  forward  data  from  Alice  to  Bob   •  To  operate  Trent  needs  to  see  submessage  header  informaLon:  GUIDs,  SequenceNumber,  KeyHash,  …   –  Alice  shares  the  key  used  for  topic  T  with  Trent   •  Trent  has  access  to  the  keys  for  all  the  data  it  relays   –  Trent  is  aMacked  and  compromised   •  ImplicaLons:   –  Trent  aMacker  has  access  to  all  the  keys  for  all  the  topics  that  Trent  was  relaying     –  Infrastructure  must  be  granted  “super  user  privileges”  to  see  many  topics  despite  fact  they  have   no  need  to  see  the  data   –  Compromise  of  a  single  infrastructure  service  can  be  lead  to  catastrophic  informaLon  leakage   •  Notes:   –  The  problem  is  that  Trent  is  given  access  to  secrets  that  allow  it  to  see  the  data  despite  the  fact   that  it  does  not  have  a  need  to  do  so,  effecLvely  elevaLng  its  privileges  and  creaLng  a  big   vulnerability   –  The  problem  can  be  solved  if  the  submessage-­‐header  informaLon  Trent  needs  is  not  encrypted   with  the  same  key  as  the  topic  eal-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   6/25/12   ©  2012  R data.   17  
  • 18. The  submission  must  address  these   vulnerabiliLes   •  Maintain  separaLon  between  different  classes  of  data  receivers   1.  Cannot  access  any  informaLon  on  topic  T   2.  Can  relay  the  submessages  on  topic  T,  but  not  the  payload  data   3.  Can  access  the  payload  data  on  topic  T  but  not  relay  messages   •  Examples:   –  UnauthenLcated  or  Non-­‐authorized  applicaLons.  ApplicaLons  without  the  rights   to  join  a  specific  DDS  domain   –  DDS  Persistence  Service  which  is  allowed  to  store  encrypted  payload.  Recording   Services,  Gateways  and  rouLng  components   •  They  need  to  see  enough  (Topic,  Key,  Sequence  Numbers)  but  not  the  data     –  AuthenLcated  applicaLons  authorized  to  read  data  on  a  specific  Topic   •  This  can  be  enforced  by  combining  a  MAC  and  EncrypLon  and  sharing   these  keys  selecLvely   –  MAC  Key  shared  with  relay  service   –  MAC  &  Crypto  Key  shared  with     UDP   Hdr   RTPS   Hdr   SubMsg   Hdr(T1)   DATA   (T1)   SubMsg   Hdr(T2)   DATA   (T2)              authorized  readers     This  is  not  in  the  submission  yet   MAC   EncrypLon       6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   18  
  • 19. Agenda   •  Background   •  Requirements   •  Threats   • Security  Model   •  Plugins  and  SPIs   •  BuilLn  Plugins   •  Status  &  Conclusion   6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   19  
  • 20. Submission  Guiding  Principles   •  Performance  &  Scalability   –  Do  not  impact  parts  of  the  system  that  do  not  have  security  needs   –  Allow  opLng  out  of  specific  features  such  as  MAC,  EncrypLon.  Digital  Signature  with  sufficient   granularity   –  Limit  use  of  asymmetric  keys  to  discovery  &  session  establishment     –  Support  MulLcast   •  Robustness  &  Availability   –  Be  robust  to  the  failure  or  compromise  of  any  single  component.   –  Limit  privileges  of  infrastructure  services  and  relays   –  Avoid  centralized  policy  decisions/services   –  Avoid  mulL-­‐party  key  agreement  protocols   •  Fitness  to  data-­‐centric  model   –  Express  policies  and  permissions  in  terms  of  familiar  DDS  terminology  and  objects   –  Support  all  of  DDS:  consumpLon  of  samples  out  of  order,  best  efforts,  Lme  filters,  history  cache,   etc.   •  Leverage  exisLng  technologies   –  Support  plugging  in  exiLng  technologies  for  ciphers,  MAC,  PKI   •  Ease  of  use  &  Flexibility   –  DO  not  preclude  integraLng  with  their  exisLng  security  and  crypto  infrastructure.   6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   20  
  • 21. Audience  and  Purpose  for  this   SpecificaLon   •  Audience:   –  DDS  vendors/implementers,  not  the  users  of  DDS   •  Purpose:   –  Define  a  Security  Model  for  DDS  systems   –  Define  concrete  IntercepLon  points  in  the  middleware   where  SPI  interfaces  must  be  called   –  Define  concrete  SPI  Interfaces  vendors  must  invoke  at  the   IntercepLon  Points  and  the  behavior  upon  various   returns   –  Define  specific  SPI  implementaLons  to  the  extent   required  for  interoperability   –  NOT  guidance  to  users  implemenLng  secure  DDS  systems   –  NOT  definiLon  of  security  technologies  beyond  what  is   required  to  implement  the  specificaLon   6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   21  
  • 22. Security  Model   •  A  security  model  is  defined  in  terms  of:   –  The  subjects  (principals)   –  The  objects  being  protected   •  The  operaLons  that  are  protected  on  the  objects   –  Access  Control  Model   •  A  way  to  map  each  subject  to  the  objects  they  can   perform  operaLons  on  and  which  are  the  allowed   operaLons   6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   22  
  • 23. Security  Model  Example:   UNIX  FileSystem  (simplified)   •  Subjects:    Users,  specifically  processes  execuLng  on  behalf  of  a  specific  userid   •  Protected  Objects:    Files  and  Directories   •  Protected  OperaLons  on  Objects:   –  Directory.list,  Directory.createFile,  Directory.createDir,  Directory.removeFile,   Directory.removeDir,  Directory.renameFile   –  File.view,  File.modify,  File.execute   •  Access  Control  Model:   –  A  subject  is  given  a  userId  and  a  set  of    groupId   –  Each  object  is  assigned  a  OWNER  and  a  GROUP   –  Each  Object  is  given  a  combinaLon  of  READ,  WRITE,  EXECUTE  permissions   for  the  assigned  OWNER  and  GROUP   –  Each  protected  operaLon  is  mapped  to  a  check,  for  example   •   File.view  is  allowed  if  and  only  if     –  File.owner  ==  Subject.userId  AND  File.permissions(OWNER)  includes  READ   –  OR  File.group  IS-­‐IN  Subject.groupId[]    AND  File.permissions(GROUP)  includes  READ   6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   23  
  • 24. DDS  Security  Model   •  Subjects:    DDS  DomainParLcipant  (ParLcipant  GUID)   •  Protected  Objects:    DDS  Domain  and  DDS  Topic   •  Protected  Opera5ons  on  Objects  (logical  view):   –  DomainParLcipant.join   –  DomainParLcipant.add_read_parLLon   –  DomainParLcipant.add_write_parLLon   –  Topic.create   –  Topic.set_qos   –  Topic.set_reader_qos   –  Topic.read   –  Topic.set_writer_qos   –  Topic.write   –  Topic.create_instance   –  Topic.update_instance   –  Topic.dispose_instance   6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   24  
  • 25. Mapping  of  DDS  API  to  protected  operaLons   DDS  API  Call     Protected  Opera5on   DomainParLcipantFactory.create_parLcipant   Discovery.match_remote_parLcipant   DomainParLcipant.join   DomainParLcipant.create_publisher   Publisher.set_qos   DomainParLcipant.add_write_parLLo n   DomainParLcipant.create_subscriber   Subscriber.set_qos   DomainParLcipant.add_read_parLLo n   DomainParLcipant.create_topic   Discovery.dicover_topic   Topic.create,  Topic.seq_qos   Topic.set_qos   Topic.set_qos   Subscriber.create_datareader   Discovery.dicover_datareader   Topic.read,  Topic.set_reader_qos   DataReader.set_qos   Discovery.change_datareader_qos   Topic.set_reader_qos   Publisher.create_datawriter   Discovery.dicover_datawriter   Topic.write,  Topic.set_writer_qos   DataWriter.set_qos   Discovery.change_datawriter_qos   Topic.set_writer_qos   DataWriter.register_instance   DataWriter.write   Topic.create_instance   6/25/12   Protocol.receive_instance_new   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   25  
  • 26. Access  Control  Model   •  Flexible  Access  Control  Model  implemented  by  the  AccessControl   SPI.     –  AccessControl  plugin  implementaLons  can  customize  the  behavior.   •  General  Access  Control  Model     –  Each  subject  (DomainParLcipant)  is  configured  with  a  set  of  permissions   –  The  AccessControl  Plugin  intercepts  each  of  the  protected  operaLons  and  decides   whether  is  is  allowed  or  denied.     •  Access  Control  Model  implemented  by  builLn-­‐plugins:   –  Explicit  permissions  assigned  to  DomainPaLcipants  based  on  the  Topic  name  (in   current  submission)   –  Role-­‐based  access  control   –  Label-­‐based  access  control   6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   26  
  • 27. Example:  Explicit  permissions          <permisions  xsi:noNamespaceSchemaLocation="omg_shared_ca_permissions.xsd"                                    xmlns:xsi="http://www.w3.org/2001/XMLSchema-­‐instance">          <validity>                  <!-­‐-­‐  Format  is  YYYYMMDDHH  in  GMT-­‐-­‐>                  <not_before>2012060113</not_before>                  <not_after>2013060113</not_after>          </validity>          <subject_name>/C=US/ST=CA/L=Sunnyvale/O=ACME  Inc./OU=CTO  Office/CN=DDS   Shapes  Demo/emailAddress=cto@acme.com</subject_name>          <allow_with_exceptions>                  <domain_id>0</domain_id>                  <allow>                          <publish>Sq*</publish>                          <subscribe>Circle</subscribe>                  </allow>                  <exception>                          <publish>SquareControl</publish>                  </exception>          </allow_with_exceptions>   </permissions>   •  The  DomainParLcipant  is  allowed  to  join  domain  0   •  Within  domain  0  the  DomainParLcipant  is  allowed  to  wriLng  any  Topic  with  a  name  that   matches  the  expression  “Sq*”  with  the  excepLon  of  Topic  named  “SquareControl”   •  Within  domain  0  the  DomainParLcipant  is  allowed  to  read  only  the  Topic  named  “Circle”     6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   27  
  • 28. Pluggable  Security  Architecture   cerLficates   applicaLon  component   App.   App.   App.   AuthenLcaLon   Secure  DDS     Key   Plugin   middleware   Management   ? Plugin   Other     Other   Other       Access  Control   DDS   Plugin   DDS  EnLLes   Cryptography   DDS   DDS   System   System   Plugin   System   AudiLng   Protocol   Data   Plugin   Engine   cache   Tagging   Plugin   Secure  Transport  (e.g.  TLS)   Kernel   ? Crypto   Policies   Module   Network   (e.g.  TPM  )     Driver      Secure  Kernel   TA Encrypted   G   Data   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   6/25/12   Network   28  
  • 29. Service  Plugins  (SPIs)     •  Authen5ca5on:  Provides  the  mechanism  to  verify  that  idenLty  of   the  applicaLon  and  or  user  that  invokes  operaLons  on  DDS  in   order  to  join  a  domain,  publish,  subscribe,  etc.   •  AccessControl:  Provides  the  means  to  enforce  policy  decisions  on   what  DDS  related  operaLons  an  authenLcated  user  can  perform.   For  example  which  domains  it  can  join,  which  Topics  it  can  publish   or  subscribe,  etc.   •  Cryptography:  Implements  (or  interfaces  with  libraries  that   implement)  all  cryptographic  operaLons,  including  encrypLon,   decrypLon,  digital  signatures,  etc.   •  KeyManagement:  Provides  key  distribuLon  and  access  services.  It   allows  DDS  implementaLons  to  access  the  necessary  keys  given   the  idenLty  and  access  control  policies.   •  Tagging:  Tag/Label  data  samples.   •  Logging:  Supports  audiLng  of  all  DDS  security-­‐relevant  events.   6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   29  
  • 30. 6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   30  
  • 31. IntercepLon  Points:  Current  logical  flow   Create   Domain   AuthenLcate   ParLcipant     DP?   Create   Endpoints   Discover   remote  DP   Discover   remote   Endpoints   Send/ Receive  data   6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   31  
  • 32. IntercepLon  Points  inserted  into  the  logical   flow   Create   Domain   Domain   AuthenLcate   No   ParLcipant   AuthenLcate   DP?   ParLcipant     Create  Fails   Yes   DP?   Create   No   Endpoint   Access  OK?   Endpoints   Create  Fails   Discover   AuthenLcate   No   Ignore   remote  DP   Remote  DP?   Remote  DP   Yes   Discover   Ignore   remote   Access  OK?   remote   Endpoints   endpoint   Send/ Message   Receive  data   security   6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   32  
  • 33. AuthenLcaLon  -­‐  Local   Create   Load   Domain   Domain   IdenLty   AuthenLcate   No   ParLcipant   AuthenLcate   DP?   ParLcipant     CerLficates   Create  Fails   DP?   Yes   For  PKI,   token  is  PKI   Get  Auth   cerLficate   Token   6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   33  
  • 34. DDS  Security  Flow:  Access  Control   Load   No   Create   Endpoint   Security   Access  OK?   Endpoints   Create  Fails   Policies   Yes   Data  Writer?   Yes   Get  Keys   If  desired,   add  tag   6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   34  
  • 35. IntercepLon  Points  –  Remote  AuthenLcaLon   and  Access  Control   Discover   Receive   AuthenLcate   No   Ignore   remote  DP   IdenLty  Token   Remote  DP?   Remote  DP   Yes   Discover   No   Ignore   Receive   remote   Access  OK?   remote   Permissions  Token   Endpoints   endpoint   Yes   Does  the   Matched  DW?   remote  Data   Writer   Yes   match  a   Get  Keys   local  Data   Reader   Get  remote   DW  tag   6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   35  
  • 36. DDS  Security  Flow:  Send  Data   Access   Yes   Write   Marshall   Encrypt?   CriptoKeys  +   No   Encrypt   ClearText   CipherText   CipherText   Header  has   KeyId     Marshal   Access   SampleInfo   DigitalSig?   PrivateKey  +   (KeyHash,   Yes   Sign   SN,  GUID)   TBD:  DSig   Append  Digital  Signature   Header   Yes   precedes   Access   ciphertext?   Send  RTPS   Assemble   MACKeys  +   Message  to   MAC?   Submessages   Yes   compute  MAC   DesLnaLon   TBD:     Append  MAC   MAC  as  separate   submessage?     Send  to  UDP   First  or  last?     6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   In  RTPS  Header?   36  
  • 37. Agenda   •  Background   •  Requirements   •  Threats   •  Security  Model   • Plugins  and  SPIs   •  BuilLn  Plugins   •  Status  &  Conclusion   6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   37  
  • 38. 6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   38  
  • 39. AuthenLcaLon  Plug-­‐in   •  Goal:  authorize  DDS  enLLes.    Only  an  authorized   DDS  applicaLon  can  send  or  receive  data  in  that   domain   •  The  unique  idenLty  of  a  Domain  ParLcipants  is   locally  authenLcated   •  When  a  remote  Domain  ParLcipant  is  discovered,  its   idenLty  must  be  validated   AuthenLcaLon   Service   DDS   DDS   DDS   App   App   6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   39  
  • 40. AuthenLcaLon  SPI   •  IdenLtyCredenLal:  configures  the   plugin  with  the  informaLon  it   needs  to  idenLfy  and  authenLcate   the  local  parLcipant   •  IdenLtyHandle:  used  refer  locally   to  an  authenLcated  parLcipant.   •  IdenLtyToken:  characterizes  the   idenLty  informaLon  of  a   DomainParLcipant,  which  is   propagated  via  discovery   •  AuthenLcaLonListener  noLfy  of   status  changes:  E.g.  when  a   cerLficate  has  expired  and  revokes   the  idenLty     6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   40  
  • 41. AuthenLcaLon  OperaLons   Opera5on   Descrip5on   validate_local Validates the identity of the local DomainParticipant based on _identity credentials, biometrics or whatever the plug-in requires. validate_remot Validates the identity of the remote DomainParticipant, based on e_identity an IdentityToken representation. This operation may return an Identity Challenge that must be sent and replied to by the remote participant. get_identity_t Returns an IdentityToken that can be sent over the network to oken identify the DomainParticipant. challenge_iden Asks the local AuthenticationPlugin to respond to an identity tity challenge. The operation is invoked if a remote Participant sends a message requesting an identity challenge validate_ident Provides the AuthenticationPlugin with the response to an ity_challenge identity challenge that was previously requested as a result of a call to validate_remote_identity set_listener Sets the listener necessary for determining identity status changes to the AuthenticationListener objects received as an argument. 6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   41  
  • 42. Access  Control  SPI   Access  Control  SPI   •  PermissionsCredenLal:   provided/configured  on  the   DomainParLcipant  to     prove  its  permissions   •  PermissionsHandle:   internal  handle  to  refer  to   the  permissions  of  an   idenLfied   DomainParLcipant   •  PermissionsToken:   characterizes  the   DomainParLcipant   permissions,  which  is   propagated  via  discovery   •  AccessControlListener   noLfy  of  status  changes.   E.g.  a  change  in   permissions.   6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   42  
  • 43. Access  Control  OperaLons   Opera5on   Descrip5on   validate_loc Validates the permissions of the local DomainParticipant. The al_permissio permissions could be based on a PermissionsCredential ns()   presented to the plugin. The operation returns a PermissionsHandle object, if successful. validate_rem Validates the permissions of the remote DomainParticipant, ote_permissi propagated as a PermissionsToken. The operation returns a ons()   PermissionsHandle, if successful. check_create Enforces the permissions of the local DomainParticipant. _particpant Ensurng it is allowed to join the specified domain_id with the ()   specified Participant QoS. check_create Enforces permissions to ensure the local DomainParticipant is _datawriter allowed to write the specified Topic with the specified QoS. () check_create Enforces permissions to ensure the local DomainParticipant is _datareader allowed to read the specified Topic with the specified QoS. () check_create Enforces permissions to ensure the local DomainParticipant is _topic()   6/25/12   allowed©  2012  Real-­‐Time  Ithe specified Topic with the specified QoS. to create nnovaLons,  Inc.    -­‐    All  rights  reserved   43  
  • 44. Access  Control  OperaLons  (II)   Opera5on   Descrip5on   check_local_da In case the access control requires a finer granularity at the instance tawriter_regis level, this operation enforces the permissions of the local DataWriter ter_instance()   to create a particular instance. check_local_da In case the access control requires a finer granularity at the instance tawriter_dispo level, this operation enforces the permissions of the local DataWriter se_instance()   to delete a particular instance. check_remote_p Enforces the permissions on the remote DomainParticipant, articipant()   ensuring it has permissions to join the domain with the specified domain_id and QoS. check_remote_d Enforces the permissions on the remote DomainParticipant atawriter()   ensuring is has permissions to write data on the specified Topic name and type (extracted from the publication_data) and with the discovered QoS. check_remote_d Enforces the permissions on the remote DomainParticipant atareader()   ensuring is has permissions to read data on the specified Topic name and type (extracted from the publication_data) and with the discovered QoS. check_remote_t Enforces permissions to ensure the remote DomainParticipant is opic()   allowed to create the specified Topic with the specified QoS. 6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   44  
  • 45. Access  Control  OperaLons  (III)   Opera5on   Descrip5on   check_remote In case the access control requires a finer granularity at the instance _datawriter_ level, this operation checks the permissions of the remote register_ins DataWriter allow it to create a particular instance. tance()   check_remote In case the access control requires a finer granularity at the instance _datawriter_ level, this operation checks the permissions of the remote dispose_inst DataWriter allow it to delete a particular instance. ance()   get_permissi Returns the PermissionsToken that can be used to represent on ons_token() the network the Participant’s permissions, which are identified by the specified PermissionsHandle. set_listener Sets the listener for the AccessControl object. () 6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   45  
  • 46. Access  Control  Listener  OperaLons   Opera5on   Descrip5on   on_revoke_pe DomainParticipants’ Permissions can be revoked/changed. rmissions()   This listener provides a callback for permission revocation/changes. 6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   46  
  • 47. Cryptographic  Plug-­‐in   Goal:  Provide  cryptographic  capabiliLes  for  DDS  data  samples   •  Customer  security  policy  dictates  which  per  sample  cryptography   is  required   –  MAC  for  message  authenLcaLon  and  integrity   –  Digest  for  integrity  or  as  part  of  compuLng  a  Digital  Signature   –  Digital  signature   –  EncrypLon   •  Highlights:   –  Designed  to  support  different  encrypLon  methods   •  PKI,  Symmetric  keys,  IdenLty  based  encrypLon   •  Counter-­‐mode  encrypLon  (for  non  stream-­‐oriented  sessions)   –  General  and  extensible  API     •  can  support  different  implementaLons  of  the  crypto,  including  interfacing   with  device  drives  and  hardware   –  Designed  for  performance   •  Separate  prepare  &  execute  cycles   •  Supports  performing  cryptographic  operaLons  on  non-­‐conLguous  buffers   6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   47  
  • 48. Cryptographic  SPI   Provides  support  for:   •  Encrypt/Decrypt   •  MessageAuthenLcaLon   •  Digital  signature  &   verificaLon   6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   48  
  • 49. Main  Types   •  Handle  (CryptoHandle,  CryptoSession  MACHandle,   DSigHandle):   –  Provide  internal  handle  to  “prepared”  key  material  inside   the  Plugin  for  efficient  operaLons   •  Token  (CryptoToken,  MACToken,  DSigToken):   –  Encode  all  the  informaLon  needed  to  iniLalize  the   algorithms.  This  informaLon  created  at  the  request  of     applicaLon  generaLng  the  message  and  made  available  to   the  authorized    recipients  with  the  help  of  the   MeyManager  plugin   •  State  (CryptoState,  CryptoState  MACState,   DSigState):   –  Internal  handle  to  algorithmic  state  to  support  operaLons   on  non-­‐conLguous  buffers   6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   49  
  • 50. Cryptographic  OperaLons   Opera5on   Descrip5on   decrypt() Given a cryptographic token and encrypted data, this function generates decrypted output. This will be used by a DataReader to decrypt encrypted data it received on the wire.   encrypt() Given an encryption token and data, this function generates encrypted output. This will be used by a DataWriter to encrypt data prior to sending it out on the wire.   get_cypher_in Returns the corresponding to a CryptographicToken.   fo_from_token () get_key_from_ Returns the CryptographicKey corresponding to a token() CryptographicToken.   get_local_enc Returns the local cryptographic token, CryptographicToken, ryption_token given the local key. () get_remote_en Returns the remote CryptographicTokengiven the cypher info cryption_toke for it. In order to achieve interoperability, the cipher info needs to be n() 6/25/12   known.   2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   ©   50  
  • 51. Cryptographic  OperaLons  (II)   Opera5on   Descrip5on   set_key_for_t Associates a cryptographic key to a cryptographic token.   oken() sign() Digitally signs the data and attaches the signatures on the wire.   verify() Verifies the signature of the data.   6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   51  
  • 52. Key  Management  Plug-­‐In   Goal:  enable  efficient  method  for  management  of   cryptographic  keys   •  Each  Data  Writer  needs  a  key  for   –  EncrypLon   –  Message  AuthenLcaLon  Codes   –  Digital  Signature  (oen  the  PKI  cert  private  key)   •  A  Matched  Data  Reader  needs  matching  key   •  The  KeyManagent  plugin  is  responsible  for   propagaLng  the  different  Keys  to  the  authorized   readers       6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   52  
  • 53. Key  Management  SPI   •  KeyManagerTokenHandle:  local  opaque  reference   to  a  previously  stored  token   •  TokenAccessTicket:  Opaque  Lcket  granLng  access   to  a  key  to  an  idenLfied  DomainParLcipant   6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   53  
  • 54. Highlights   •  Generic  API  supports  custom  and  well  as  commercial   Key  Managers   •  Integrates  well  with  exisLng  DDS  mechanisms   •  Model:   –  The  KeyManager  stores  keys  (KeyTokens)  at  the  request  of   the  sender   –  The  sender  requests  a  Ticket  to  be  generated  for  to   granLng  access  to  a  KeyToken  to  a  specific  subject  Iden5ty   (DomainParLcipant).     –  The  sender  can  share  the  Ticket  with  the  intended   recipient.  This  message  does  not  need  to  be  protected   –  Upon  presentaLon  of  the  Ticket    by  the  intended  Iden5ty   the  KeyManager    gives  it  the  KeyToken.   6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   54  
  • 55. Key  Management  OperaLons   Opera5on   Descrip5on   store_token() Stores a Token a cryptographic Token in the Manger retuning a KeyManagerTokenHandle that can be used to locally refer to the stored Token. get_token_acce Returns a Ticket for a previously stored Token to be used by a ss_ticket()   specified subject Identitity. The Ticket grants access to the Token only to the identity that was specified so it maybe shared in cleartext with the intended recipient.   lookup_token_h Looks up a Token given a Ticket. The KeyManager will andle() ensure that the identity of the requester is the one for whom the Ticket was intended. Returns a KeyManagerTokenHandle that can be used to locally refer to the stored Token. get_token() Retrieves a previously stored Token given its local KeyManagerTokenHandle. 6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   55  
  • 56. Key  Management  Listener  OperaLons   Opera5on   Descrip5on   identity_chall Used   to   enforce   that   only   the   intended   recipient   idenLty   can   get   enge() access  to  a  stored  Token 6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   56  
  • 57. Logging  (AudiLng)  Plug-­‐in   •  Goal:  Provide  mechanism  to  log  either  locally   or  centralized  all  security  events  for  audiLng   DDS  App   Secure   Audit   Plug-­‐ DB   ins   6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   57  
  • 58. Data  Tagging   •  Tag  is  added  to  a  Data  Writer   •  Tag  is  propagated  over  discovery   •  The  Data  Reader  stores  the  tag  of  each  Data   Writer   •  When  the  Data  Reader  applicaLon  gets  a  data   sample,  it  can  retrieve  the  tag  associated  with   that  sample  from  the  middleware     6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   58  
  • 59. Agenda   •  Background   •  Requirements   •  Threats   •  Security  Model   •  Plugins  and  SPIs   • Buil5n  Plugins   •  Status  &  Conclusion   6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   59  
  • 60. BuilLn  Plugins   SPI   Buil5n  Plungin   Notes   AuthenLcaLon   SharedCA_AuthenLcaLonPlugin   Uses  PKI  with  a  pre-­‐configured   shared  CerLficate  Authority   AccessControl   SharedCA_PermissionsPlugin   Permissions  document  signed  by   shared  CerLficate  Authority   Cryptography   Crypto-­‐AES-­‐CTR-­‐HMAC     AES128  and  AES256    for  encrypLon   (in  counter  mode)   SHA1  and  SHA256  for  digest   HMAC-­‐SHA1  and  HMAC-­‐256  for   MAC   PKI  digital  signature   KeyManagement   PKI_Protected_DDS_KeyDistribuLon   Use  authorized  reader  PK  to   protect  KeyDistribuLon   Not  described  in  submission   DataTagging   Discovered_EndpointTags   Send  Tags  via  Endpoint  Discovery   Logging   DedicatedDDS_LogTopic   6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   60  
  • 61. SharedCA_AuthenLcaLonPlugin  (1)   •  2048-­‐bit  RSA  x.509  CerLficates  in  combinaLon  with  a   configurable  shared  CerLficate  Authority  (CA)   •  Each  ParLcipant  is  configured  with     –  Shared  CA  described  by  self-­‐signed  cerLficate  (e.g.  PEM,   DER  formats)     –  The  ParLcipant  Private  Key  (e.g.  PEM,  DER)   –  The  ParLcipant  signed  cerLficate  from  the  CA  binding  the     •  DisLnguished  Name  for  the  parLcipant   •  ParLcipant  Public  Key   –  AuthenLcaLonToken  is  signed  cerLficate  in  PEM  format   •  All  implementable  with  openssl  toolkit   6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   61  
  • 62. SharedCA_AuthenLcaLonPlugin  (2)   •  Local  idenLty  is  verified  by  presence  of  private   key  that  corresponds  with  PK  in  cerLficate   •  Remote  IdenLty  verified  via  challenge.   –  Plugin  create  a  NONCE  and  sends  as  a  challenge  to   remote  parLcipant   –  Remote  ParLcipant  Pluging  must  encrypt  NONCE   with  private  key   –  Plugin  checks  response  against  the  PublicKey  in  the   cerLficate   –  These  messages  flow  over  the  exisLng   ParLcipantMessage  builLn  Topic   6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   62  
  • 63. Example  self-­‐signed  cerLficate  for  CA   CerLficate:          Data:                  Version:  1  (0x0)                  Serial  Number:                          9a:49:85:d1:3e:b9:85:04                  Signature  Algorithm:  sha1WithRSAEncrypLon                  Issuer:  C=US,  ST=MA,  L=Boston,  O=OMG,  OU=DDS  SIG,  CN=DDS  Security  Specifica5on/emailAddress=dds@omg.org                  Validity                          Not  Before:  May  31  00:11:29  2012  GMT                          Not  Aer  :  May  31  00:11:29  2013  GMT                  Subject:  C=US,  ST=MA,  L=Boston,  O=OMG,  OU=DDS  SIG,  CN=DDS  Security  Specifica5on/emailAddress=dds@omg.org                  Subject  Public  Key  Info:                          Public  Key  Algorithm:  rsaEncrypLon                          RSA  Public  Key:  (2048  bit)                                  Modulus  (2048  bit):                                          00:c5:8e:2b:3d:d1:97:a6:ce:8b:1f:91:0b:5b:1c:                                          5a:a0:60:42:b4:b8:89:35:40:de:9c:a0:51:12:25:                                          63:51:67:4c:26:8a:48:00:d0:98:0a:a0:2b:9b:ea:                                          50:9f:12:1e:9c:27:92:76:c4:38:4d:94:a1:38:37:                                          86:46:45:~:8e:b1:a4:b5:76:35:1a:6c:17:5c:05:                                          25:66:b7:f4:58:e4:6c:ad:a3:17:ef:fe:3b:ec:fa:                                          7b:60:e0:7f:9e:f3:a3:0b:a0:91:5f:ef:32:c7:d7:                                          57:37:8c:49:58:9c:be:fd:2b:b8:4c:3a:44:a0:c3:                                          6b:63:a0:ae:97:1d:bf:b0:af:09:3f:fc:ca:4d:1a:                                          8e:c4:1c:fd:db:2c:a8:20:e7:2d:61:8d:38:c3:46:                                          d5:94:0c:78:aa:17:e4:32:08:49:ed:8a:fa:b0:ce:                                          fc:bd:e4:8f:5a:53:73:b4:1c:a7:68:b4:39:b3:b3:                                          ff:~:80:ff:f3:87:ba:cc:48:5a:ed:b7:04:81:d4:                                          b5:89:48:ba:b5:3c:c3:9a:cd:6f:5a:94:ea:06:e5:                                          fa:b6:ee:ce:04:29:2a:ea:1d:54:2f:83:ef:c9:~:                                          5e:9e:ca:a7:74:c9:53:30:b7:fe:7d:e5:2b:4b:b1:                                          3a:81:9d:07:47:eb:45:02:95:79:48:d2:77:23:0b:                                          39:49                                  Exponent:  65537  (0x10001)          Signature  Algorithm:  sha1WithRSAEncrypLon                  42:96:cf:ee:95:c9:62:7c:6c:33:c9:cd:05:80:3c:99:89:32:                  54:fa:5c:3f:83:0c:87:91:f3:95:23:10:61:7c:ae:18:43:4f:                  9e:36:60:dd:bf:60:d0:2d:82:3d:56:dc:f1:cd:25:37:3d:c3:                  bd:c7:74:73:f1:fe:e1:0b:86:56:fc:82:83:71:45:e5:84:6f:                  bb:45:f9:a0:47:11:03:4a:13:7c:ed:15:24:9d:7b:5a:06:13:                  2c:15:ae:1e:98:c5:5e:cc:22:a9:2f:77:ca:2f:a7:~:82:b2:                  09:38:9d:dd:95:6e:65:e3:2b:10:e4:63:fe:30:04:b4:62:10:                  66:97:a3:ea:3d:ce:ef:83:e2:05:03:f1:7a:78:f3:6c:6c:75:                  72:f7:55:b0:3a:58:a5:4d:e7:f9:30:f8:3b:97:36:ad:fc:bc:                  93:90:de:b7:e8:bd:2d:25:5d:20:13:0b:5d:c7:64:ff:65:43:                  1b:3d:d8:5d:9f:ee:03:b7:81:a6:a9:39:ea:3a:cd:00:e2:48:                  de:2b:df:cb:76:74:45:ad:8c:00:ce:ec:06:55:5e:93:7c:68:                  3b:2f:48:e1:72:ed:1d:6e:45:33:12:b2:97:71:74:07:5d:4d:                  bd:0f:ff:c5:10:d9:fa:22:63:ab:9e:a0:44:33:c4:0f:e9:09:   2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   6/25/12   ©   63                  5d:b6:d8:05  
  • 64. Example  CA  signed  ParLcipant  CerLficate   CerLficate:          Data:                  Version:  1  (0x0)                  Serial  Number:  2  (0x2)                  Signature  Algorithm:  sha1WithRSAEncrypLon                  Issuer:  C=US,  ST=MA,  L=Boston,  O=OMG,  OU=DDS  SIG,  CN=DDS  Security  Specifica5on/emailAddress=dds@omg.org                  Validity                          Not  Before:  May  31  00:43:09  2012  GMT                          Not  Aer  :  May  31  00:43:09  2013  GMT                  Subject:  C=US,  ST=CA,  L=Sunnyvale,  O=ACME  Inc.,  OU=CTO  Office,  CN=DDS  Shapes  Demo/emailAddress=cto@acme.com                  Subject  Public  Key  Info:                          Public  Key  Algorithm:  rsaEncrypLon                          RSA  Public  Key:  (2048  bit)                                  Modulus  (2048  bit):                                          00:eb:4e:24:f0:99:cd:e7:a6:2b:a8:85:af:c9:44:                                          b1:6e:fd:b1:bd:f5:9e:fa:af:a3:02:57:e5:ca:de:                                          18:d6:8f:cd:67:62:c7:61:74:41:14:b1:f3:cc:20:                                          9e:31:3c:65:c0:a8:67:c7:3c:b1:2e:50:62:d5:96:                                          9b:61:5c:d0:d1:a2:65:e6:27:51:3d:33:02:de:c0:                                          6a:79:f5:a9:6b:ff:cc:17:65:a2:8b:da:bf:7b:c2:                                          ca:15:5a:5b:71:d6:84:0f:48:9a:b4:a0:35:22:55:                                          8e:bb:de:67:09:de:41:73:ea:f9:0c:8e:2c:5f:d7:                                          06:5f:d3:3d:61:59:f9:c0:87:c4:b3:41:92:2f:7e:                                          68:8d:ba:1d:45:a4:1c:5e:4c:28:11:1f:bb:a1:95:                                          84:29:ee:dc:10:fe:fc:65:~:6d:e9:66:1a:5d:93:                                          44:51:fc:49:0c:a4:ef:51:b4:1d:4b:cd:38:19:88:                                          da:74:60:21:88:7e:8b:12:92:ec:51:f3:c2:8a:60:                                          bb:9e:b4:c5:63:dd:3d:12:1a:8c:40:ee:6a:de:1c:                                          90:4c:32:c2:c5:c3:9a:57:cc:24:~:c9:8b:08:1d:                                          de:5d:06:45:81:6d:21:c3:2e:44:9f:c7:da:19:9b:                                          cc:34:21:7a:e4:cb:13:0a:d2:87:87:dc:79:c1:8a:                                          30:ed                                  Exponent:  65537  (0x10001)          Signature  Algorithm:  sha1WithRSAEncrypLon                  7e:45:b8:01:29:ea:25:6a:02:e4:6e:e4:15:10:69:a7:68:b3:                  d5:76:46:35:b7:74:09:c8:b5:6e:bf:b4:91:f1:79:03:17:d5:                  d7:94:91:12:19:b6:49:28:cc:3f:12:9c:18:bc:5a:af:e7:ea:                  4b:d4:3d:40:de:78:9c:e3:17:3c:c7:22:e5:ae:14:b9:67:6a:                  81:8e:04:05:98:86:f5:bc:99:a5:e6:2b:b6:46:34:ae:b1:df:                  b6:65:d2:1b:43:ff:6b:d4:de:10:48:16:42:aa:c3:5f:fe:e2:                  9f:72:0c:8f:54:c1:c6:e6:95:76:d3:df:be:5d:42:2f:d6:7a:                  0a:e1:31:ee:19:55:75:cc:18:54:1f:b2:c1:df:6b:65:70:de:                  3e:31:ec:9a:70:5e:9c:44:ba:ce:6c:1e:a1:c4:b3:c1:79:cf:                  f6:2a:e5:b5:0a:40:e3:32:a9:b4:f5:68:fa:15:70:77:5b:43:                  c2:67:6d:a4:07:f8:89:1c:4c:b2:68:a4:53:56:1f:91:66:78:                  62:29:1b:19:5a:19:90:92:8a:1c:f4:d5:59:29:15:83:55:94:                  e7:e8:ed:53:21:f9:2c:30:11:21:94:44:bd:73:de:60:f1:45:                  63:e9:1c:22:3b:66:f5:9e:c7:a6:d1:d1:bb:5b:26:d0:34:de:                  c8:a2:a9:83   6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   64  
  • 65. SharedCA_PermissionsPlugin  (1)   •  XML  permissions  document  signed  by  shared  CA   –  Can  be  same  CA  as  for  AuthenLcaLon   –  Can  be  new  configured  CA  via  self-­‐signed  X.509  cert     –  XML  document  specifies  the  ParLcipant’s  DisLnguished  Name  from   AuthenLcaLon  cerLficate   –  PermissionsToken  is  the  PKCS7  signature  of  the  XML  document,  signed  by  the   permissions  CA.  This  is  a  widely  supported  IETF  standard   –  PermissionsToken  sent  via  regular  DDS  Discovery  as  addiLonal  EnLtyQoS   •  Permissions  document  uses  allow/deny  syntax  to  specify  which  Topics   the  ParLcipant  can  publish  and  subscribe   –  XML  Syntax  could  be  extended  to  permissions  for  instances  creaLon  and  deleLon   –  XML  Syntax  could  be  extended  to  specify  allowed  QoS  such  as  ParLLons   –  These  are  currently  not  specifiable  in  the  plugin   •  Permissions  document  also  allows  user-­‐extensibility  via  tag/value  pairs   which  are  also  signed.   6/25/12   ©  2012  Real-­‐Time  InnovaLons,  Inc.    -­‐    All  rights  reserved   65