Submit Search
Upload
DDS Security
•
6 likes
•
5,763 views
Real-Time Innovations (RTI)
Follow
Security – Presentation by Gerardo Pardo-Castellote, CTO, RTI
Read less
Read more
Technology
Slideshow view
Report
Share
Slideshow view
Report
Share
1 of 37
Download now
Download to read offline
Recommended
Component Based DDS with C++11 and R2DDS
Component Based DDS with C++11 and R2DDS
Remedy IT
OMG DDS Security Submission Presentation (September 2013 - 6th Revised Submis...
OMG DDS Security Submission Presentation (September 2013 - 6th Revised Submis...
Gerardo Pardo-Castellote
DDS over Low Bandwidth Data Links - Connext Conf London October 2014
DDS over Low Bandwidth Data Links - Connext Conf London October 2014
Jaime Martin Losa
OMG DDS Security Standard
OMG DDS Security Standard
Gerardo Pardo-Castellote
Standardizing the Data Distribution Service (DDS) API for Modern C++
Standardizing the Data Distribution Service (DDS) API for Modern C++
Sumant Tambe
Remote Procedure Call over DDS - London Connext DDS Conference
Remote Procedure Call over DDS - London Connext DDS Conference
Gerardo Pardo-Castellote
Comparison of MQTT and DDS as M2M Protocols for the Internet of Things
Comparison of MQTT and DDS as M2M Protocols for the Internet of Things
Real-Time Innovations (RTI)
DDS Advanced Tutorial - OMG June 2013 Berlin Meeting
DDS Advanced Tutorial - OMG June 2013 Berlin Meeting
Jaime Martin Losa
Recommended
Component Based DDS with C++11 and R2DDS
Component Based DDS with C++11 and R2DDS
Remedy IT
OMG DDS Security Submission Presentation (September 2013 - 6th Revised Submis...
OMG DDS Security Submission Presentation (September 2013 - 6th Revised Submis...
Gerardo Pardo-Castellote
DDS over Low Bandwidth Data Links - Connext Conf London October 2014
DDS over Low Bandwidth Data Links - Connext Conf London October 2014
Jaime Martin Losa
OMG DDS Security Standard
OMG DDS Security Standard
Gerardo Pardo-Castellote
Standardizing the Data Distribution Service (DDS) API for Modern C++
Standardizing the Data Distribution Service (DDS) API for Modern C++
Sumant Tambe
Remote Procedure Call over DDS - London Connext DDS Conference
Remote Procedure Call over DDS - London Connext DDS Conference
Gerardo Pardo-Castellote
Comparison of MQTT and DDS as M2M Protocols for the Internet of Things
Comparison of MQTT and DDS as M2M Protocols for the Internet of Things
Real-Time Innovations (RTI)
DDS Advanced Tutorial - OMG June 2013 Berlin Meeting
DDS Advanced Tutorial - OMG June 2013 Berlin Meeting
Jaime Martin Losa
Introduction to DDS
Introduction to DDS
Rick Warren
The Inside Story: How OPC UA and DDS Can Work Together in Industrial Systems
The Inside Story: How OPC UA and DDS Can Work Together in Industrial Systems
Real-Time Innovations (RTI)
Vortex Tutorial Part 2
Vortex Tutorial Part 2
ADLINK Technology IoT
Communication Patterns Using Data-Centric Publish/Subscribe
Communication Patterns Using Data-Centric Publish/Subscribe
Sumant Tambe
RTI Data-Distribution Service (DDS) Master Class 2011
RTI Data-Distribution Service (DDS) Master Class 2011
Gerardo Pardo-Castellote
DDS Interoperability Demo 2013 (Washington DC)
DDS Interoperability Demo 2013 (Washington DC)
Gerardo Pardo-Castellote
DDS for JMS Programmers
DDS for JMS Programmers
Angelo Corsaro
Reactive Data Centric Architectures with DDS
Reactive Data Centric Architectures with DDS
Angelo Corsaro
RTI Data-Distribution Service (DDS) Master Class - 2010
RTI Data-Distribution Service (DDS) Master Class - 2010
Gerardo Pardo-Castellote
Demo of RTI DDS toolkit for LabVIEW
Demo of RTI DDS toolkit for LabVIEW
Real-Time Innovations (RTI)
Introduction to RTI DDS
Introduction to RTI DDS
Real-Time Innovations (RTI)
Best Practices Using RTI Connext DDS
Best Practices Using RTI Connext DDS
Real-Time Innovations (RTI)
Upgrade Your System’s Security - Making the Jump from Connext DDS Professiona...
Upgrade Your System’s Security - Making the Jump from Connext DDS Professiona...
Real-Time Innovations (RTI)
Integrating DDS into AXCIOMA, the component approach
Integrating DDS into AXCIOMA, the component approach
Remedy IT
Building Reactive Applications with DDS
Building Reactive Applications with DDS
Angelo Corsaro
Two Approaches You Must Consider when Architecting Radar Systems
Two Approaches You Must Consider when Architecting Radar Systems
Real-Time Innovations (RTI)
Micro services Architecture with Vortex -- Part I
Micro services Architecture with Vortex -- Part I
Angelo Corsaro
The Data Distribution Service
The Data Distribution Service
Angelo Corsaro
Building IoT Applications with Vortex and the Intel Edison Starter Kit
Building IoT Applications with Vortex and the Intel Edison Starter Kit
Angelo Corsaro
System integration in offshore supply vessels – how we applied DDS and redefi...
System integration in offshore supply vessels – how we applied DDS and redefi...
Real-Time Innovations (RTI)
DDS Web Enabled
DDS Web Enabled
Real-Time Innovations (RTI)
DDS Security
DDS Security
Angelo Corsaro
More Related Content
What's hot
Introduction to DDS
Introduction to DDS
Rick Warren
The Inside Story: How OPC UA and DDS Can Work Together in Industrial Systems
The Inside Story: How OPC UA and DDS Can Work Together in Industrial Systems
Real-Time Innovations (RTI)
Vortex Tutorial Part 2
Vortex Tutorial Part 2
ADLINK Technology IoT
Communication Patterns Using Data-Centric Publish/Subscribe
Communication Patterns Using Data-Centric Publish/Subscribe
Sumant Tambe
RTI Data-Distribution Service (DDS) Master Class 2011
RTI Data-Distribution Service (DDS) Master Class 2011
Gerardo Pardo-Castellote
DDS Interoperability Demo 2013 (Washington DC)
DDS Interoperability Demo 2013 (Washington DC)
Gerardo Pardo-Castellote
DDS for JMS Programmers
DDS for JMS Programmers
Angelo Corsaro
Reactive Data Centric Architectures with DDS
Reactive Data Centric Architectures with DDS
Angelo Corsaro
RTI Data-Distribution Service (DDS) Master Class - 2010
RTI Data-Distribution Service (DDS) Master Class - 2010
Gerardo Pardo-Castellote
Demo of RTI DDS toolkit for LabVIEW
Demo of RTI DDS toolkit for LabVIEW
Real-Time Innovations (RTI)
Introduction to RTI DDS
Introduction to RTI DDS
Real-Time Innovations (RTI)
Best Practices Using RTI Connext DDS
Best Practices Using RTI Connext DDS
Real-Time Innovations (RTI)
Upgrade Your System’s Security - Making the Jump from Connext DDS Professiona...
Upgrade Your System’s Security - Making the Jump from Connext DDS Professiona...
Real-Time Innovations (RTI)
Integrating DDS into AXCIOMA, the component approach
Integrating DDS into AXCIOMA, the component approach
Remedy IT
Building Reactive Applications with DDS
Building Reactive Applications with DDS
Angelo Corsaro
Two Approaches You Must Consider when Architecting Radar Systems
Two Approaches You Must Consider when Architecting Radar Systems
Real-Time Innovations (RTI)
Micro services Architecture with Vortex -- Part I
Micro services Architecture with Vortex -- Part I
Angelo Corsaro
The Data Distribution Service
The Data Distribution Service
Angelo Corsaro
Building IoT Applications with Vortex and the Intel Edison Starter Kit
Building IoT Applications with Vortex and the Intel Edison Starter Kit
Angelo Corsaro
System integration in offshore supply vessels – how we applied DDS and redefi...
System integration in offshore supply vessels – how we applied DDS and redefi...
Real-Time Innovations (RTI)
What's hot
(20)
Introduction to DDS
Introduction to DDS
The Inside Story: How OPC UA and DDS Can Work Together in Industrial Systems
The Inside Story: How OPC UA and DDS Can Work Together in Industrial Systems
Vortex Tutorial Part 2
Vortex Tutorial Part 2
Communication Patterns Using Data-Centric Publish/Subscribe
Communication Patterns Using Data-Centric Publish/Subscribe
RTI Data-Distribution Service (DDS) Master Class 2011
RTI Data-Distribution Service (DDS) Master Class 2011
DDS Interoperability Demo 2013 (Washington DC)
DDS Interoperability Demo 2013 (Washington DC)
DDS for JMS Programmers
DDS for JMS Programmers
Reactive Data Centric Architectures with DDS
Reactive Data Centric Architectures with DDS
RTI Data-Distribution Service (DDS) Master Class - 2010
RTI Data-Distribution Service (DDS) Master Class - 2010
Demo of RTI DDS toolkit for LabVIEW
Demo of RTI DDS toolkit for LabVIEW
Introduction to RTI DDS
Introduction to RTI DDS
Best Practices Using RTI Connext DDS
Best Practices Using RTI Connext DDS
Upgrade Your System’s Security - Making the Jump from Connext DDS Professiona...
Upgrade Your System’s Security - Making the Jump from Connext DDS Professiona...
Integrating DDS into AXCIOMA, the component approach
Integrating DDS into AXCIOMA, the component approach
Building Reactive Applications with DDS
Building Reactive Applications with DDS
Two Approaches You Must Consider when Architecting Radar Systems
Two Approaches You Must Consider when Architecting Radar Systems
Micro services Architecture with Vortex -- Part I
Micro services Architecture with Vortex -- Part I
The Data Distribution Service
The Data Distribution Service
Building IoT Applications with Vortex and the Intel Edison Starter Kit
Building IoT Applications with Vortex and the Intel Edison Starter Kit
System integration in offshore supply vessels – how we applied DDS and redefi...
System integration in offshore supply vessels – how we applied DDS and redefi...
Viewers also liked
DDS Web Enabled
DDS Web Enabled
Real-Time Innovations (RTI)
DDS Security
DDS Security
Angelo Corsaro
RPC Over DDS
RPC Over DDS
Real-Time Innovations (RTI)
DDS Over Low Bandwidth Data Links
DDS Over Low Bandwidth Data Links
Real-Time Innovations (RTI)
DDS in Action -- Part I
DDS in Action -- Part I
Angelo Corsaro
OMG DDS Security Specification - 4th revised submission document
OMG DDS Security Specification - 4th revised submission document
Gerardo Pardo-Castellote
Hello World in OMG DDS and ZeroMQ
Hello World in OMG DDS and ZeroMQ
Sander Mertens
Experiencing the Live IIoT
Experiencing the Live IIoT
Real-Time Innovations (RTI)
Application of DDS on modular Hardware-in-the-loop test benches at Audi
Application of DDS on modular Hardware-in-the-loop test benches at Audi
Real-Time Innovations (RTI)
DDS and OPC UA Explained
DDS and OPC UA Explained
Angelo Corsaro
DDS Security for the Industrial Internet - London Connext DDS Conference
DDS Security for the Industrial Internet - London Connext DDS Conference
Gerardo Pardo-Castellote
"Hello World" in OMG DDS and MQTT
"Hello World" in OMG DDS and MQTT
Sander Mertens
Is Your Distributed System Secure?
Is Your Distributed System Secure?
Real-Time Innovations (RTI)
sDDS: An Adaptable DDS Solution for Wireless Sensor Networks
sDDS: An Adaptable DDS Solution for Wireless Sensor Networks
Real-Time Innovations (RTI)
Approaches for Mitigating Discovery Problems in Larger Systems
Approaches for Mitigating Discovery Problems in Larger Systems
Real-Time Innovations (RTI)
Practical Security with MQTT and Mosquitto
Practical Security with MQTT and Mosquitto
nbarendt
Securing MQTT - BuildingIoT 2016 slides
Securing MQTT - BuildingIoT 2016 slides
Dominik Obermaier
The Industrial Internet of Things and RTI
The Industrial Internet of Things and RTI
Real-Time Innovations (RTI)
The Inside Story: GE Healthcare's Industrial Internet of Things (IoT) Archite...
The Inside Story: GE Healthcare's Industrial Internet of Things (IoT) Archite...
Real-Time Innovations (RTI)
Physical Security Domain
Physical Security Domain
amiable_indian
Viewers also liked
(20)
DDS Web Enabled
DDS Web Enabled
DDS Security
DDS Security
RPC Over DDS
RPC Over DDS
DDS Over Low Bandwidth Data Links
DDS Over Low Bandwidth Data Links
DDS in Action -- Part I
DDS in Action -- Part I
OMG DDS Security Specification - 4th revised submission document
OMG DDS Security Specification - 4th revised submission document
Hello World in OMG DDS and ZeroMQ
Hello World in OMG DDS and ZeroMQ
Experiencing the Live IIoT
Experiencing the Live IIoT
Application of DDS on modular Hardware-in-the-loop test benches at Audi
Application of DDS on modular Hardware-in-the-loop test benches at Audi
DDS and OPC UA Explained
DDS and OPC UA Explained
DDS Security for the Industrial Internet - London Connext DDS Conference
DDS Security for the Industrial Internet - London Connext DDS Conference
"Hello World" in OMG DDS and MQTT
"Hello World" in OMG DDS and MQTT
Is Your Distributed System Secure?
Is Your Distributed System Secure?
sDDS: An Adaptable DDS Solution for Wireless Sensor Networks
sDDS: An Adaptable DDS Solution for Wireless Sensor Networks
Approaches for Mitigating Discovery Problems in Larger Systems
Approaches for Mitigating Discovery Problems in Larger Systems
Practical Security with MQTT and Mosquitto
Practical Security with MQTT and Mosquitto
Securing MQTT - BuildingIoT 2016 slides
Securing MQTT - BuildingIoT 2016 slides
The Industrial Internet of Things and RTI
The Industrial Internet of Things and RTI
The Inside Story: GE Healthcare's Industrial Internet of Things (IoT) Archite...
The Inside Story: GE Healthcare's Industrial Internet of Things (IoT) Archite...
Physical Security Domain
Physical Security Domain
Similar to DDS Security
OMG Data-Distribution Service Security
OMG Data-Distribution Service Security
Gerardo Pardo-Castellote
DDS Security: A Security Model Suitable for Net-Centric for Pub-Sub and Data ...
DDS Security: A Security Model Suitable for Net-Centric for Pub-Sub and Data ...
Gerardo Pardo-Castellote
OMG DDS Security, 3rd revised submission
OMG DDS Security, 3rd revised submission
Gerardo Pardo-Castellote
The 5 most dangerous proxies
The 5 most dangerous proxies
seldridgeD9
End-to-Eend security with Palo Alto Networks (Onur Kasap, Palo Alto Networks)
End-to-Eend security with Palo Alto Networks (Onur Kasap, Palo Alto Networks)
BAKOTECH
End to End Security With Palo Alto Networks (Onur Kasap, engineer Palo Alto N...
End to End Security With Palo Alto Networks (Onur Kasap, engineer Palo Alto N...
BAKOTECH
A novel way of integrating voice recognition and one time passwords to preven...
A novel way of integrating voice recognition and one time passwords to preven...
ijdpsjournal
Understanding Database Encryption & Protecting Against the Insider Threat wit...
Understanding Database Encryption & Protecting Against the Insider Threat wit...
MongoDB
OMG DDS Security. 4th Revised Submission
OMG DDS Security. 4th Revised Submission
Gerardo Pardo-Castellote
Four keys to securing distributed control systems and the industrial (IoT)
Four keys to securing distributed control systems and the industrial (IoT)
Real-Time Innovations (RTI)
Cisco, Sourcefire and Lancope - Better Together
Cisco, Sourcefire and Lancope - Better Together
Lancope, Inc.
secued cloud
secued cloud
Devyani Vaidya
Fog Computing:The Justifying Insider Data Stealing Attacks in the Cloud
Fog Computing:The Justifying Insider Data Stealing Attacks in the Cloud
IJSRD
apl5iy2ftxiwofbhsmxj-signature-584e2459f99b5370bda435f09b42cc84cc8c063b8cd454...
apl5iy2ftxiwofbhsmxj-signature-584e2459f99b5370bda435f09b42cc84cc8c063b8cd454...
Chrysostomos Christofi
Fighting cyber fraud with hadoop
Fighting cyber fraud with hadoop
Niel Dunnage
1784 1788
1784 1788
Editor IJARCET
1784 1788
1784 1788
Editor IJARCET
Presentacion Palo Alto Networks
Presentacion Palo Alto Networks
Laurent Daudré-Vignier
Cloud computing present
Cloud computing present
James Sutter
Checkpoint Portfolio.pptx
Checkpoint Portfolio.pptx
MarioCruz664886
Similar to DDS Security
(20)
OMG Data-Distribution Service Security
OMG Data-Distribution Service Security
DDS Security: A Security Model Suitable for Net-Centric for Pub-Sub and Data ...
DDS Security: A Security Model Suitable for Net-Centric for Pub-Sub and Data ...
OMG DDS Security, 3rd revised submission
OMG DDS Security, 3rd revised submission
The 5 most dangerous proxies
The 5 most dangerous proxies
End-to-Eend security with Palo Alto Networks (Onur Kasap, Palo Alto Networks)
End-to-Eend security with Palo Alto Networks (Onur Kasap, Palo Alto Networks)
End to End Security With Palo Alto Networks (Onur Kasap, engineer Palo Alto N...
End to End Security With Palo Alto Networks (Onur Kasap, engineer Palo Alto N...
A novel way of integrating voice recognition and one time passwords to preven...
A novel way of integrating voice recognition and one time passwords to preven...
Understanding Database Encryption & Protecting Against the Insider Threat wit...
Understanding Database Encryption & Protecting Against the Insider Threat wit...
OMG DDS Security. 4th Revised Submission
OMG DDS Security. 4th Revised Submission
Four keys to securing distributed control systems and the industrial (IoT)
Four keys to securing distributed control systems and the industrial (IoT)
Cisco, Sourcefire and Lancope - Better Together
Cisco, Sourcefire and Lancope - Better Together
secued cloud
secued cloud
Fog Computing:The Justifying Insider Data Stealing Attacks in the Cloud
Fog Computing:The Justifying Insider Data Stealing Attacks in the Cloud
apl5iy2ftxiwofbhsmxj-signature-584e2459f99b5370bda435f09b42cc84cc8c063b8cd454...
apl5iy2ftxiwofbhsmxj-signature-584e2459f99b5370bda435f09b42cc84cc8c063b8cd454...
Fighting cyber fraud with hadoop
Fighting cyber fraud with hadoop
1784 1788
1784 1788
1784 1788
1784 1788
Presentacion Palo Alto Networks
Presentacion Palo Alto Networks
Cloud computing present
Cloud computing present
Checkpoint Portfolio.pptx
Checkpoint Portfolio.pptx
More from Real-Time Innovations (RTI)
A Tour of RTI Applications
A Tour of RTI Applications
Real-Time Innovations (RTI)
Precise, Predictive, and Connected: DDS and OPC UA – Real-Time Connectivity A...
Precise, Predictive, and Connected: DDS and OPC UA – Real-Time Connectivity A...
Real-Time Innovations (RTI)
The Inside Story: How the IIC’s Connectivity Framework Guides IIoT Connectivi...
The Inside Story: How the IIC’s Connectivity Framework Guides IIoT Connectivi...
Real-Time Innovations (RTI)
The Inside Story: Leveraging the IIC's Industrial Internet Security Framework
The Inside Story: Leveraging the IIC's Industrial Internet Security Framework
Real-Time Innovations (RTI)
ISO 26262 Approval of Automotive Software Components
ISO 26262 Approval of Automotive Software Components
Real-Time Innovations (RTI)
The Low-Risk Path to Building Autonomous Car Architectures
The Low-Risk Path to Building Autonomous Car Architectures
Real-Time Innovations (RTI)
How to Design Distributed Robotic Control Systems
How to Design Distributed Robotic Control Systems
Real-Time Innovations (RTI)
Fog Computing is the Future of the Industrial Internet of Things
Fog Computing is the Future of the Industrial Internet of Things
Real-Time Innovations (RTI)
Cyber Security for the Connected Car
Cyber Security for the Connected Car
Real-Time Innovations (RTI)
Space Rovers and Surgical Robots: System Architecture Lessons from Mars
Space Rovers and Surgical Robots: System Architecture Lessons from Mars
Real-Time Innovations (RTI)
Advancing Active Safety for Next-Gen Automotive
Advancing Active Safety for Next-Gen Automotive
Real-Time Innovations (RTI)
Learn About FACE Aligned Reference Platform: Built on COTS and DO-178C Certif...
Learn About FACE Aligned Reference Platform: Built on COTS and DO-178C Certif...
Real-Time Innovations (RTI)
How the fusion of time sensitive networking, time-triggered ethernet and data...
How the fusion of time sensitive networking, time-triggered ethernet and data...
Real-Time Innovations (RTI)
Secrets of Autonomous Car Design
Secrets of Autonomous Car Design
Real-Time Innovations (RTI)
Cybersecurity Spotlight: Looking under the Hood at Data Breaches and Hardenin...
Cybersecurity Spotlight: Looking under the Hood at Data Breaches and Hardenin...
Real-Time Innovations (RTI)
Data Distribution Service Security and the Industrial Internet of Things
Data Distribution Service Security and the Industrial Internet of Things
Real-Time Innovations (RTI)
Developing Mission-Critical Avionics and Defense Systems with Ada and DDS
Developing Mission-Critical Avionics and Defense Systems with Ada and DDS
Real-Time Innovations (RTI)
IoT and M2M Safety and Security
IoT and M2M Safety and Security
Real-Time Innovations (RTI)
Slash Avionics Integration Costs with DO-178C Certifiable Connectivity Software
Slash Avionics Integration Costs with DO-178C Certifiable Connectivity Software
Real-Time Innovations (RTI)
Tech Mahindra - Connected Engineering
Tech Mahindra - Connected Engineering
Real-Time Innovations (RTI)
More from Real-Time Innovations (RTI)
(20)
A Tour of RTI Applications
A Tour of RTI Applications
Precise, Predictive, and Connected: DDS and OPC UA – Real-Time Connectivity A...
Precise, Predictive, and Connected: DDS and OPC UA – Real-Time Connectivity A...
The Inside Story: How the IIC’s Connectivity Framework Guides IIoT Connectivi...
The Inside Story: How the IIC’s Connectivity Framework Guides IIoT Connectivi...
The Inside Story: Leveraging the IIC's Industrial Internet Security Framework
The Inside Story: Leveraging the IIC's Industrial Internet Security Framework
ISO 26262 Approval of Automotive Software Components
ISO 26262 Approval of Automotive Software Components
The Low-Risk Path to Building Autonomous Car Architectures
The Low-Risk Path to Building Autonomous Car Architectures
How to Design Distributed Robotic Control Systems
How to Design Distributed Robotic Control Systems
Fog Computing is the Future of the Industrial Internet of Things
Fog Computing is the Future of the Industrial Internet of Things
Cyber Security for the Connected Car
Cyber Security for the Connected Car
Space Rovers and Surgical Robots: System Architecture Lessons from Mars
Space Rovers and Surgical Robots: System Architecture Lessons from Mars
Advancing Active Safety for Next-Gen Automotive
Advancing Active Safety for Next-Gen Automotive
Learn About FACE Aligned Reference Platform: Built on COTS and DO-178C Certif...
Learn About FACE Aligned Reference Platform: Built on COTS and DO-178C Certif...
How the fusion of time sensitive networking, time-triggered ethernet and data...
How the fusion of time sensitive networking, time-triggered ethernet and data...
Secrets of Autonomous Car Design
Secrets of Autonomous Car Design
Cybersecurity Spotlight: Looking under the Hood at Data Breaches and Hardenin...
Cybersecurity Spotlight: Looking under the Hood at Data Breaches and Hardenin...
Data Distribution Service Security and the Industrial Internet of Things
Data Distribution Service Security and the Industrial Internet of Things
Developing Mission-Critical Avionics and Defense Systems with Ada and DDS
Developing Mission-Critical Avionics and Defense Systems with Ada and DDS
IoT and M2M Safety and Security
IoT and M2M Safety and Security
Slash Avionics Integration Costs with DO-178C Certifiable Connectivity Software
Slash Avionics Integration Costs with DO-178C Certifiable Connectivity Software
Tech Mahindra - Connected Engineering
Tech Mahindra - Connected Engineering
Recently uploaded
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
UiPathCommunity
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Precisely
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Zilliz
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
Hervé Boutemy
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
Fwdays
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
null - The Open Security Community
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024
Enterprise Knowledge
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptx
hariprasad279825
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
BookNet Canada
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
Lonnie McRorey
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
Commit University
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
Sergiu Bodiu
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
Curtis Poe
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
Kalema Edgar
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
Sri Ambati
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
Alan Dix
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
Mark Billinghurst
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
ScyllaDB
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
BookNet Canada
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
comworks
Recently uploaded
(20)
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptx
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
DDS Security
1.
DDS DDS Security
Gerardo Pardo-‐Castellote, Ph.D. Chief Technology Officer, RTI October 2014
2.
© 2014 Real-‐Time
InnovaFons, Inc.
3.
Data-‐Centric Qos-‐Aware Pub-‐Sub
Model Virtual, decentralized global data space Persistence Service Recording Service © 2014 Real-‐Time InnovaFons, Inc. CRUD operaFons Source (Key) Speed Power Phase WPT1 37.4 122.0 -12.20 WPT2 10.7 74.0 -12.23 WPTN 50.2 150.07 -11.98
4.
Is there a
Conflict? • Security… © 2014 Real-‐Time InnovaFons, Inc. – desires to restrict communicaFon to only happen between authorized subjects – requires to confidenFality so that only communicaFng subjects see the informaFon • PubSub/DDS – aWempts to create a ‘global informaFon space’ where anybody can access the informaFon it needs – de-‐couples communicaFons so publishers are unaware of subscribers and vice-‐versa 4
5.
No Conflict: Security
in the Global InformaFon Space The key is to use a net-‐centric security model © 2014 Real-‐Time InnovaFons, Inc. • Publishers are decoupled from subscribers via the Global InformaFon Space – This does not mean loss of access control to the informaFon – It means that the InformaFon Space must have an associated security model • DDS can use standard PKI and cryptographic techniques to enforce the security policies • The situaFon is analogous to access control policies in a file system
6.
Security Terms: a
Safe-‐Deposit Box • AuthenFcaFon: The bank knows who you are; © 2014 Real-‐Time InnovaFons, Inc. you must show ID. • Access Control: The bank only lets those on an access list into your box. • ConfidenFality: You are alone in the room Nobody can see the contents of the box. • Integrity: The box is sealed. If anybody touches it you will know. • Non repudiaFon: You sign when you come in and out so you can’t claim that you weren’t there. • Availability: The bank is always open.
7.
Threats 1. Unauthorized
subscripFon 2. Unauthorized publicaFon 3. Tampering and replay 4. Unauthorized access to data by infrastructure services 10/30/14 7 © 2014 Real-‐Time InnovaFons, Inc. Alice: Allowed to publish topic T Bob: Allowed to subscribe to topic T Eve: Non-‐authorized eavesdropper Trudy: Intruder Trent: Trusted infrastructure service Mallory: Malicious insider
8.
Data-‐centric/mulFcast Insider Threats
• Two insider threats affecFng (mulFcast) data-‐ centric systems are of unique significance 1. Reader mis-‐behaves as unauthorized writer An applicaFon uses knowledge gained as authorized reader to spoof the system as a writer 2. Compromise of Infrastructure Service A service that is trusted to read and write data on behalf of others (e.g. a persistence service ) becomes compromised 10/30/14 8 © 2014 Real-‐Time InnovaFons, Inc.
9.
Session Sequence Number
AWack • Background: © 2014 Real-‐Time InnovaFons, Inc. – Reliable protocols rely on a session_id and a sequence number to avoid duplicates and detect message loss – RTPS protocol can use GAP messages and HeartBeat messages to advance the session (DataWriter) sequence number • Vulnerability: – An aWacker can spoof a packet with the session ID and Hearbeat/GAP causing the DataReader to advance the session sequence-‐numbers blocking future messages recepFon – AWacker only needs GUID of the DataWriter to aWack, which can be obtained from snooping traffic. – AWack can be used to prevent the AuthenFcaFon of legiFmate ParFcipants
10.
Squakng AWack on
GUID • Background: © 2014 Real-‐Time InnovaFons, Inc. – DDS DomainParFcipants are idenFfied by unique GUID, Readers/Writers derive their GUID from it. – GUID used to uniquely idenFfies the RTPS sessions and the locaFon of each parFcipant • Vulnerability: – An aWacker with legit IdenFty can authenFcate using the GUID of another ParFcipant – AWacker with be accepted with “cuckooed” GUID blocking legiFmate ParFcipant from using its GUID – AWacker only needs GUID of the ParFcipant to aWack, which can be obtained from snooping traffic.
11.
DDS Security covers
4 related concerns Security Model © 2014 Real-‐Time InnovaFons, Inc. Security Plugin APIs & Behavior DDS & RTPS support for Security BuilHn Plugins
12.
Security Model Example:
UNIX FileSystem (simplified) • Subjects: Users, specifically processes execuFng on behalf of a specific userid © 2014 Real-‐Time InnovaFons, Inc. • Protected Objects: Files and Directories • Protected OperaFons on Objects: – Directory.list, Directory.createFile, Directory.createDir, Directory.removeFile, Directory.removeDir, Directory.renameFile – File.view, File.modify, File.execute • Access Control Model: – A subject is given a userId and a set of groupId – Each object is assigned a OWNER and a GROUP – Each Object is given a combinaFon of READ, WRITE, EXECUTE permissions for the assigned OWNER and GROUP – Each protected operaFon is mapped to a check, for example • File.view is allowed if and only if – File.owner == Subject.userId AND File.permissions(OWNER) includes READ – OR File.group IS-‐IN Subject.groupId[] AND File.permissions(GROUP) includes READ
13.
© 2014 Real-‐Time
InnovaFons, Inc. DDS Security Model 10/30/14 © 2012 Real-‐Time InnovaFons, Inc. -‐ All rights reserved 13 Concept Unix Filesystem Security Model DDS Security Model Subject User Process execuFng for a user DomainParFcipant ApplicaFon joining a DDS domain Protected Objects Directories Files Domain (by domain_id) Topic (by Topic name) DataObjects (by Instance/Key) Protected OperaFons Directory.list, Directory.create (File, Dir) Directory.remove (File, Dir) Directory.rename (File, Dir) File.read, File.write, File.execute Domain.join Topic.create Topic.read (includes QoS) Topic.write (includes QoS) Data.createInstance Data.writeInstance Data.deleteInstance Access Control Policy Control Fixed in Kernel Configurable via Plugin BuilFn Access Control Mode Per-‐File/Dir Read/Write/ Execute permissions for OWNER, GROUP, USERS Per-‐DomainParFcipant Permissions : What Domains and Topics it can JOIN/READ/WRITE
14.
Support for Security
in DDS & RTPS • DDS ParFcipants need to exchange security informaFon © 2014 Real-‐Time InnovaFons, Inc. – CerFficates for AuthenFcaFon & Permissions – Handshake messages for mutual authenFcaFon and shared-‐ secret establishment – KeyTokens for key-‐exchange (Including MulFcast Key Exchange) • Some reuse of exisFng DDS mechanisms – BuilFn ParFcipant data readers / writers – Discovery topic-‐types • AddiFon of secure discovery topics • AddiFon of a InterparFcipantStatelessWriter/Reader • EncrypFon and signatures introduce new RTPS Submessage and Submessage elements – SecureSubMessage – SecuredData 10/30/14 14
15.
Pluggable Security Architecture
Transport (e.g. UDP) Crypto Module (e.g. TPM ) © 2014 Real-‐Time InnovaFons, Inc. App. AApppp. . Other DDS System Secure DDS middleware AuthenFcaFon Plugin Access Control Plugin Cryptographic Plugin Secure Kernel cerFficates applicaFon component ? Data cache Protocol Engine Kernel Policies DDS EnFFes ? Network Driver Network Encrypted Data Other DDS System Other DDS System Logging Plugin DataTagging Plugin MAC
16.
Plaworm Independent IntercepFon
Pts + SPIs © 2014 Real-‐Time InnovaFons, Inc. 10/30/14 © 2012 Real-‐Time InnovaFons, Inc. -‐ All rights reserved 16 Service Plugin Purpose Interactions Authentication Authenticate the principal that is joining a DDS Domain. Handshake and establish shared secret between participants The principal may be an application/process or the user associated with that application or process. Participants may messages to do mutual authentication and establish shared secret Access Control Decide whether a principal is allowed to perform a protected operation. Protected operations include joining a specific DDS domain, creating a Topic, reading a Topic, writing a Topic, etc. Cryptography Perform the encryption and decryption operations. Create & Exchange Keys. Compute digests, compute and verify Message Authentication Codes. Sign and verify signatures of messages. Invoked by DDS middleware to encrypt data compute and verify MAC, compute & verify Digital Signatures Logging Log all security relevant events Invoked by middleware to log Data Tagging Add a data tag for each data sample
17.
© 2014 Real-‐Time
InnovaFons, Inc. BuilFn Plugins SPI BuilHn Plungin Notes AuthenFcaFon DDS:Auth:PKI-‐RSA/DSA-‐DH Uses PKI with a pre-‐configured shared CerFficate Authority. DSA and Diffie-‐Hellman for authenFcaFon and key exchange Establishes shared secret AccessControl DDS:Access:PKI-‐Signed-‐ XML-‐Permissions Governance Document and Permissions Document Each signed by shared CerFficate Authority Cryptography DDS:Crypto:AES-‐CTR-‐ HMAC-‐RSA/DSA-‐DH Protected key distribuFon AES128 and AES256 for encrypFon (in counter mode) SHA1 and SHA256 for digest HMAC-‐SHA1 and HMAC-‐256 for MAC DataTagging Discovered_EndpointTags Send Tags via Endpoint Discovery Logging DedicatedDDS_LogTopic
18.
DDS Security Flow
Domain ParFcipant Create Fails AuthenFcate AuthenFcate DP? © 2014 Real-‐Time InnovaFons, Inc. Yes DP? No Ignore Remote DP AuthenFcate Remote DP? No Yes No Yes Access OK? Ignore remote endpoint Message security Endpoint Create Fails Yes Access OK? No Create Domain ParFcipant Create Endpoints Discover remote DP Discover remote Endpoints Send/ Receive data
19.
Cryptographic SPI at
the wire-‐protocol level Message TransformaFon © 2014 Real-‐Time InnovaFons, Inc. RTPS Header RTPS SubMessage SerializedData RTPS SubMessage SerializedData RTPS Header RTPS SubMessage (*) RTPS SubMessage (*) RTPS SubMessage SecuredData SerializedData RTPS SubMessage (*) RTPS SubMessage SecuredData SerializedData Secure encoding Secure decoding
20.
Crypto-‐AES-‐CTR-‐HMAC-‐RSA/DSA-‐DH • EncrypFon
uses AES in counter mode © 2014 Real-‐Time InnovaFons, Inc. – Similar to SRTP, but enhanced to support mulFple topics within a single RTPS message and infrastructure services like a relay or persistence • Use of counter mode turns the AES block cipher into a stream cipher – Each DDS sample is separately encrypted and can be decrypted without process the previous message • This is criFcal to support DDS QoS like history, content filters, best-‐efforts etc. • DSA and Diffie-‐Hellman used for mutual authenFcaFon and secure key exchange MR# 6.5.3
21.
BuilFn DDS:Auth:PKI-‐DSA-‐DH •
Uses shared CerFficate Authority (CA) © 2014 Real-‐Time InnovaFons, Inc. – All ParFcipants pre-‐configured with shared-‐CA • Performs mutual authenFcaFon between discovered parFcipants using the Digital Signature Algorithm (DSA) • Establishes a shared secret using Diffie-‐Hellman.
22.
Remote ParFcipant AuthenFcaFon
ParFcipants detect each other via discovery and exchange IdenFty and Permission Tokens (Hashes) © 2014 Real-‐Time InnovaFons, Inc.
23.
Remote ParFcipant AuthenFcaFon
Each ParFcipant calls validate_remote_idenFty(). ParFcipant with highest GUID returns PENDING_HANDSHAKE_REQUEST, the other PENDING_HANDSHAKE_MESSAGE © 2014 Real-‐Time InnovaFons, Inc.
24.
Remote ParFcipant AuthenFcaFon
ParFcipant1 creates CHALLENGE1 = “CHALLENGE:<nonce> and sends message via ParFcipantMessageWriter with messageToken1:= {CHALLENGE1, IdenFty1, Permissions1} © 2014 Real-‐Time InnovaFons, Inc.
25.
Remote ParFcipant AuthenFcaFon
ParFcipant2 validates IdenFty of ParFcipant1 against CA ParFcipant2 creates CHALLENGE2 := CHALLENGE:<nonce> ParFcipant2 sends to ParFcipant1 message with messageToken2:= { SIGN(HASH(CHALLENGE1#IdenFty1#Permissions1)), CHALLENGE2, IdenFty2, © 2014 Permissions2} Real-‐Time InnovaFons, Inc.
26.
Part1 validates IdenFty
of ParFcipant2 against CA Part1 verifies SIGN(CHALLENGE1) using ParFcipant2’s PK Part1 computes a SharedSecret Part1 sends message with contents: messageToken3 := { ENCRYPT(SharedSecret), SIGN( HASH(CHALLENGE2 # IdenFty2 # Permissions2 # ENCRYPT(SharedSecret))) } 10/30/14 26 © 2014 Real-‐Time InnovaFons, Inc. Encrypt uses Part2’s PK. Remote ParFcipant AuthenFcaFon
27.
Remote ParFcipant AuthenFcaFon
Part2 verifies SIGN( HASH(CHALLENGE2 #IdenFty2#Permissions2# ENCRYPT(SharedSecret))) 10/30/14 © 2012 Real-‐Time InnovaFons, Inc. -‐ All rights reserved 27 © 2014 Real-‐Time InnovaFons, Inc. using Part1’s PK Part2 decrypts ENCRYPT(SharedSecret) using its own PK We have Mutual AuthenHcaHon and a SharedSecret
28.
BuilFn DDS:AC:PKI SPI
• Configured © 2014 Real-‐Time InnovaFons, Inc. with: – X.509 CerFficate of shared Permissions CA – The Domain governance signed by the Permissions CA – The DomainParFcipant permissions signed by the Permissions CA • The Domain governance configures – Which topics shall be secured and how – Whether discovery is secured and how • DomainParFcipant permissions – Specifies what Domains Id can be joined by the DomainParFcipant – Specified which Topics and be Read/WriWen by the DomainParFcipant on each DomainId – Ties to the SubjectName matching the one on IdenFtyCerFficate 10/30/14 28
29.
Example Domain Governance
© 2014 Real-‐Time InnovaFons, Inc.
30.
ConfiguraFon possibiliFes •
Are “legacy” or un-‐idenFfied applicaFons allowed in the © 2014 Real-‐Time InnovaFons, Inc. Domain? Yes or No. – If yes an UnauthenFcated applicaFons will: • See the “unsecured” discovery Topics • Be allowed to read/write the “unsecured” Topics • Is a parFcular Topic discovered over protected discovery? – If so it can only be seen by “authenFcated applicaFons” • Is a access parFcular Topic protected? – If so only authenFcated applicaFons with the correct permissions can read/write • Is data on a parFcular Topic protected? How? – If so data will be sent signed or encrypted+signed • Are all protocol messages signed? Encrypted? – If so only authenFcated applicaFons with right permissions will see anything
31.
Example Permissions ©
2014 Real-‐Time InnovaFons, Inc.
32.
Secure discovery •
AddiFonal built-‐in endpoints: – DCPSPublicaFonsSecure – DCPSSubscripFonsSecure • Same discovery topic-‐data but encrypted & signed • OperaFon AccessControl::get_endpoint_security_attributes() controls which Topics use Secure Discovery 10/30/14 32 © 2014 Real-‐Time InnovaFons, Inc.
33.
ConfiguraFon PossibiliFes ©
2014 Real-‐Time InnovaFons, Inc. • Is the access to a parFcular Topic protected? – If so only authenFcated applicaFons with the correct permissions can read/write • Is data on a parFcular Topic protected? How? – If so data will be sent signed or encrypted+signed • Are all protocol messages signed? Encrypted? – If so only authenFcated applicaFons with right permissions will see anything
34.
More Powerful Than
Other Secure Middleware Technologies • Standard & Interoperable © 2014 Real-‐Time InnovaFons, Inc. • Scalable: Supports mulFcast • Fine-‐grain: Control Topic-‐level aspect • Flexible: Build your own plugins • Generic: Works over any Transport • Transparent: No changes to ApplicaFon Code!
35.
DDS-‐Secure Standard Status
© 2014 Real-‐Time InnovaFons, Inc. • The specificaFon was adopted in March 2014. – Considered “Beta” for 1 year – RTI chairing the FinalizaFon Task Force • This specificaFon provides a framework for securing DDS systems. The builFn plugins provide a “common” approach for applicaFons without specialized requirements – It is expected that plugins will be developed to match more specialized deployments and integrate with exisFng infrastructure. 10/30/14 35
36.
QuesFons? © 2014
Real-‐Time InnovaFons, Inc.
37.
© 2014 Real-‐Time
InnovaFons, Inc. Find out more… dds.omg.org www.omg.org www.rF.com community.rF.com demo.rF.com www.youtube.com/realFmeinnovaFons blogs.rF.com www.twiWer.com/RealTimeInnov www.facebook.com/RTIsoƒware www.slideshare.net/GerardoPardo www.slideshare.net/RealTimeInnovaFons
Download now