SlideShare a Scribd company logo
1 of 69
Download to read offline
Your	
  systems.	
  Working	
  as	
  one.	
  




DDS	
  SECURITY	
  
4rd	
  Revised	
  Submission	
  (Joint)	
  
mars/2013-­‐03-­‐10	
  




Doc	
  num:	
  mars/2013-­‐03-­‐10	
                                                   SubmiRers:	
  
SpecificaKon	
  lead:	
                                                                 Real-­‐Time	
  InnovaKons,	
  Inc.	
  
Gerardo	
  Pardo-­‐Castellote,	
  Ph.D.	
                                              PrismTech	
  Corp.	
  
CTO,	
  Real-­‐Time	
  InnovaKons,	
  Inc.	
                                           eProsima	
  (supporter)	
  
                               ©	
  2012	
  Real-­‐Time	
  InnovaKons,	
  Inc.	
  	
  -­‐	
  	
  All	
  rights	
  reserved	
  
Agenda	
  
  •  Status	
  recap	
  
  •  Summary	
  of	
  submission	
  
  •  What	
  has	
  changed?	
  
  •  Some	
  details	
  
  •  Status	
  &	
  Conclusion	
  




3/21/13	
           ©	
  2012	
  Real-­‐Time	
  InnovaKons,	
  Inc.	
  	
  -­‐	
  	
  All	
  rights	
  reserved	
     2	
  
Status	
  recap	
  
  •  Started	
  with	
  two	
  separate	
  submissions	
  by	
  RTI	
  
     and	
  PrismTech	
  
              –  RTI	
  submission	
  focused	
  on	
  the	
  mandatory	
  
                 requirements	
  for	
  an	
  SPI	
  Architecture	
  and	
  built-­‐in	
  
                 SPIs	
  
              –  PrismTech	
  discussed	
  on	
  the	
  use	
  of	
  technologies	
  
                 such	
  as	
  (MIKEY	
  /	
  SRTP)	
  to	
  support	
  the	
  needs	
  of	
  
                 secure	
  DDS	
  
  •  As	
  of	
  the	
  December	
  2012	
  meeKng	
  PrismTech	
  
     joined	
  the	
  RTI	
  submission	
  
3/21/13	
                          ©	
  2012	
  Real-­‐Time	
  InnovaKons,	
  Inc.	
  	
  -­‐	
  	
  All	
  rights	
  reserved	
     3	
  
Agenda	
  
  •  Status	
  recap	
  
  •  Summary	
  of	
  submission	
  
  •  What	
  has	
  changed?	
  
  •  How	
  the	
  submission	
  allows	
  a	
  specializaKon	
  to	
  
     use	
  MIKEY	
  and	
  SRTP	
  
  •  Status	
  &	
  Conclusion	
  



3/21/13	
             ©	
  2012	
  Real-­‐Time	
  InnovaKons,	
  Inc.	
  	
  -­‐	
  	
  All	
  rights	
  reserved	
     4	
  
Intro	
  to	
  DDS	
  Security	
  and	
  scope	
  of	
  
         this	
  specificaKon	
  

3/21/13	
                ©	
  2012	
  Real-­‐Time	
  InnovaKons,	
  Inc.	
  	
  -­‐	
  	
  All	
  rights	
  reserved	
     5	
  
Security	
  as	
  a	
  system	
  problem	
  
                  •  UlKmately	
  security	
  is	
  a	
  system	
  property	
  
                      –  Involves	
  hardware,	
  so`ware,	
  humans,	
  
                         procedures…	
  
                  •  Most	
  directly	
  related:	
  
Scope	
  of	
         1.  Securing	
  the	
  data-­‐centric	
  bus	
  
the	
  RFP	
  
                      2.  IntegraKng	
  across	
  security	
  domains	
  
Out	
                 3.  Securing	
  the	
  operaKng	
  system	
  
of	
  Scope	
  
                      4.  Securing	
  the	
  hardware	
  &	
  so`ware	
  
                          configuraKon	
  


 3/21/13	
                    ©	
  2012	
  Real-­‐Time	
  InnovaKons,	
  Inc.	
  	
  -­‐	
  	
  All	
  rights	
  reserved	
     6	
  
Three	
  security	
  boundaries	
  
    Ul:mately	
  you	
  need	
  to	
  implement	
  the	
  3	
  of	
  them	
  

  •  Boundary	
  security	
  

  •  Transport-­‐Level	
  	
  
              –  Network	
  (layer	
  3)	
  security	
  
              –  Session	
  (layer	
  4/5)	
  security	
  


  •  Fine-­‐grained	
  Data-­‐Centric	
  
     Security	
  
                      Scope	
  of	
  the	
  DDS	
  Security	
  RFP	
  
3/21/13	
                         ©	
  2012	
  Real-­‐Time	
  InnovaKons,	
  Inc.	
  	
  -­‐	
  	
  All	
  rights	
  reserved	
     7	
  
Fine-­‐Grained	
  Data-­‐Centric	
  Security	
  




                                                 Topics	
  

  •  Access	
  control	
  per	
  Topic	
  
  •  Read	
  versus-­‐write	
  permissions	
  
  •  Field-­‐specific	
  permissions	
  
3/21/13	
            ©	
  2012	
  Real-­‐Time	
  InnovaKons,	
  Inc.	
  	
  -­‐	
  	
  All	
  rights	
  reserved	
     8	
  
Threats	
  
Alice:	
  Allowed	
  to	
  publish	
  topic	
  T	
                                                       1.                 Unauthorized	
  subscripKon	
  
Bob:	
  Allowed	
  to	
  subscribe	
  to	
  topic	
  T	
  
Eve:	
  Non-­‐authorized	
  eavesdropper	
  	
                                                           2.                 Unauthorized	
  publicaKon	
  
Trudy:	
  Intruder	
                                                                                     3.                 Tampering	
  and	
  replay	
  	
  
Trent:	
  Trusted	
  infrastructure	
  service	
  
Mallory:	
  Malicious	
  insider	
  
                                                                                                         4.                 Unauthorized	
  access	
  to	
  data	
  
                                                                                                                            by	
  infrastructure	
  services	
  	
  




      3/21/13	
                                  ©	
  2012	
  Real-­‐Time	
  InnovaKons,	
  Inc.	
  	
  -­‐	
  	
  All	
  rights	
  reserved	
                   9	
  
Data-­‐centric/mulKcast	
  Insider	
  Threats	
  	
  
  •  Two	
  insider	
  threats	
  affecKng	
  (mulKcast)	
  data-­‐
     centric	
  systems	
  are	
  of	
  unique	
  significance	
  
              1.  Reader	
  mis-­‐behaves	
  as	
  unauthorized	
  writer	
  
                 An	
  applicaKon	
  uses	
  knowledge	
  gained	
  as	
  authorized	
  
                        reader	
  to	
  spoof	
  the	
  system	
  as	
  a	
  writer	
  


              2.  Compromise	
  of	
  Infrastructure	
  Service	
  	
  
                 A	
  service	
  that	
  is	
  trusted	
  to	
  read	
  and	
  write	
  data	
  on	
  behalf	
  
                        of	
  others	
  (e.g.	
  a	
  	
  persistence	
  service	
  )	
  becomes	
  
                        compromised	
  	
  


3/21/13	
                            ©	
  2012	
  Real-­‐Time	
  InnovaKons,	
  Inc.	
  	
  -­‐	
  	
  All	
  rights	
  reserved	
     10	
  
Reader	
  mis-­‐behaves	
  as	
  unauthorized	
  
      writer	
  
•  SituaKon:	
  
      –       Alice	
  -­‐	
  	
  creates	
  a	
  Crypto	
  Key	
  per	
  Topic/DataWriter	
  
      –       Alice	
  -­‐	
  shares	
  its	
  Key	
  with	
  all	
  intended	
  readers	
  as	
  needed	
  to	
  mulKcast	
  
      –       Mallory	
  –	
  is	
  an	
  authorized	
  reader	
  so	
  it	
  has	
  Alice’s	
  key	
  
      –       Mallory	
  –	
  behaves	
  maliciously	
  and	
  uses	
  Alice’s	
  key	
  to	
  create	
  fake	
  UDP	
  messages	
  pumng	
  
              Alice’s	
  informaKon	
  (IP,	
  Port,	
  GUIDs,	
  etc.)	
  but	
  with	
  bad	
  data.	
  

•  ImplicaKons:	
  
      –  Bob	
  sees	
  message	
  from	
  Mallory	
  and	
  processes	
  it	
  believing	
  it	
  is	
  from	
  Alice	
  
      –  Mallory	
  can	
  provide	
  a	
  system-­‐wide	
  failure	
  for	
  all	
  subscribers	
  to	
  topic	
  T,	
  making	
  them	
  process	
  
         wrong	
  data,	
  delete	
  instances,	
  	
  
      –  Depending	
  on	
  the	
  Topic	
  this	
  can	
  be	
  catastrophic	
  for	
  the	
  system	
  

•  Notes:	
  
      –  The	
  problem	
  is	
  that	
  all	
  secrets	
  shared	
  by	
  Alice	
  and	
  Bob	
  are	
  also	
  known	
  	
  to	
  Mallory	
  
                  •  So	
  the	
  aRack	
  cannot	
  be	
  solved	
  with	
  a	
  MAC	
  or	
  HMAC	
  if	
  Alice’s	
  key	
  is	
  also	
  shared	
  with	
  all	
  readers…	
  
      –  The	
  problem	
  can	
  be	
  solved	
  with	
  a	
  digital	
  signature	
  but	
  that	
  is	
  1000X	
  slower	
  than	
  a	
  MAC	
  



    3/21/13	
                                            ©	
  2012	
  Real-­‐Time	
  InnovaKons,	
  Inc.	
  	
  -­‐	
  	
  All	
  rights	
  reserved	
                   11	
  
Summary	
  of	
  RFP	
  requirements	
  


3/21/13	
             ©	
  2012	
  Real-­‐Time	
  InnovaKons,	
  Inc.	
  	
  -­‐	
  	
  All	
  rights	
  reserved	
     12	
  
RFP	
  Mandatory	
  Requirements	
  
Proposals	
  shall	
  define	
  …	
  
  6.5.1	
  	
  …	
  a	
  Plaoorm	
  Independent	
  Security	
  Model	
  for	
  DDS	
  	
  
                    independent	
  of	
  the	
  programming	
  language	
  used…	
  
  6.5.2	
  	
  …	
  a	
  collecKon	
  of	
  Plaoorm	
  Independent	
  IntercepKon	
  
                    Points	
  and	
  	
  SPIs	
  …	
  
  6.5.3	
  …	
  	
  built-­‐in	
  Plaoorm	
  Independent	
  Security	
  Plugins	
  that	
  
                    implement	
  the	
  Plaoorm	
  Independent	
  Interfaces	
  
  6.5.4	
  	
  …	
  plaoorm	
  specific	
  mappings	
  for	
  the	
  built-­‐in	
  plugins	
  to	
  
                    all	
  the	
  language	
  PSMs	
  supported	
  by	
  DDS	
  
  6.5.5	
  …	
  	
  how	
  the	
  DDS	
  Interoperability	
  Wire	
  Protocol	
  is	
  used	
  
                    to	
  allow	
  DDS	
  applicaKons	
  to	
  interoperate	
  securely	
  

 3/21/13	
                    ©	
  2012	
  Real-­‐Time	
  InnovaKons,	
  Inc.	
  	
  -­‐	
  	
  All	
  rights	
  reserved	
     13	
  
Mandatory	
  Requirements	
  6.5.1:	
  
    Security	
  Model	
  
The	
  Security	
  Model	
  for	
  DDS	
  shall	
  …	
  
   6.5.1.1	
  	
  …	
  support	
  mechanisms	
  that	
  establish	
  the	
  ability	
  for	
  a	
  DDS	
  ParKcipant	
  to	
  run	
  in	
  a	
  
                       plaoorm	
  
   6.5.1.2	
  	
  …	
  support	
  mechanisms	
  to	
  configure	
  and	
  access	
  the	
  credenKals	
  of	
  the	
  underlying	
  
                       DDS	
  ParKcipants	
  …	
  
   6.5.1.3	
  …	
  	
  allow	
  specificaKon	
  of	
  authorizaKon	
  policies,	
  controlling	
  
                   	
  [1]	
  Joining	
  a	
  DDS	
  Domain	
  
                   	
  [2]	
  Access	
  to	
  DDS	
  Discovery	
  Data	
  
                   	
  [3]	
  Publishing	
  a	
  DDS	
  Topic,	
  	
  [4]	
  Subscribing	
  to	
  a	
  DDS	
  Topic	
  
                   	
  [5]	
  Publishing	
  on	
  a	
  DDS	
  ParKKon,	
  [6]	
  Subscribing	
  on	
  a	
  DDS	
  ParKKon	
  
   6.5.1.4	
  	
  …	
  include	
  the	
  concept	
  of	
  data	
  tagging	
  
   6.5.1.5	
  …	
  	
  support	
  mechanism	
  for	
  ensuring	
  data	
  integrity,	
  including	
  
                   	
  [1]	
  traceability,	
  pedigree,	
  and	
  tamper	
  
                   	
  [2]	
  digital	
  signatures	
  
                   	
  [3]	
  data	
  encrypKon	
  
                   	
  [4]	
  use	
  of	
  different	
  keys	
  for	
  data	
  from	
  different	
  DataWriters	
  
  3/21/13	
                                  ©	
  2012	
  Real-­‐Time	
  InnovaKons,	
  Inc.	
  	
  -­‐	
  	
  All	
  rights	
  reserved	
     14	
  
Mandatory	
  Requirements	
  6.5.2:	
  	
  
    Set	
  of	
  IntercepKon	
  Points	
  and	
  SPIs	
  

The	
  Plugin	
  SPIs	
  shall	
  …	
  
   6.5.2.1	
  	
  …	
  allow	
  applicaKons	
  to	
  exchange	
  credenKals	
  with	
  a	
  DDS	
  ParKcipant	
  
                   	
  [1]	
  exchanging	
  credenKals	
  for	
  authenKcaKon	
  
                   	
  [2]	
  delegaKon	
  of	
  authority	
  for	
  authenKcaKon	
  
   6.5.2.2	
  	
  …	
  allow	
  an	
  external	
  plugin	
  to	
  perform	
  all	
  the	
  authorizaKon	
  funcKons	
  	
  
                   	
  [1]	
  full	
  support	
  of	
  the	
  authorizaKon	
  policies	
  
                   	
  [3]	
  support	
  delegaKon	
  of	
  authority	
  
                   	
  [4]	
  support	
  delegaKon	
  of	
  authority	
  separately	
  for	
  each	
  DDS	
  Topic	
  
   6.5.2.3	
  …	
  	
  allow	
  an	
  external	
  plugin	
  to	
  perform	
  all	
  the	
  tagging	
  and	
  tag-­‐accessing	
  funcKons	
  
   6.5.2.4	
  	
  …	
  allow	
  an	
  external	
  plugin	
  to	
  perform	
  all	
  the	
  encrypKon	
  and	
  decrypKon	
  
                       funcKons	
  
   6.5.2.5	
  …	
  	
  external	
  plugin	
  to	
  perform	
  all	
  the	
  digital	
  signing	
  and	
  verificaKon	
  funcKons	
  




  3/21/13	
                                ©	
  2012	
  Real-­‐Time	
  InnovaKons,	
  Inc.	
  	
  -­‐	
  	
  All	
  rights	
  reserved	
     15	
  
RFP	
  OpKonal	
  Requirements	
  
Proposals	
  may	
  define	
  authorizaKon	
  policies	
  that	
  control	
  	
  …	
  
  6.6.1	
  …	
  the	
  content	
  a	
  DDS	
  ParKcipant	
  is	
  allowed	
  to	
  publish	
  on	
  a	
  Topic.	
  
  6.6.2	
  …	
  the	
  content	
  a	
  DDS	
  ParKcipant	
  is	
  allowed	
  to	
  subscribe	
  on	
  a	
  Topic..	
  
  6.6.3	
  …	
  the	
  QoS	
  Policies	
  a	
  DDS	
  ParKcipants	
  can	
  use	
  when	
  publishing	
  a	
  Topic	
  
  6.6.4	
  …	
  the	
  QoS	
  Policies	
  a	
  DDS	
  ParKcipant	
  can	
  use	
  when	
  subscribing	
  to	
  a	
  
              Topic.	
  

  Proposals	
  may	
  define	
  …	
  
  6.6.5	
  …	
  data-­‐tagging	
  plugins	
  that	
  apply	
  different	
  tags	
  for	
  each	
  data-­‐sample	
  
              published	
  by	
  a	
  DDS	
  DataWriter.	
  
  6.6.6	
  …	
  built-­‐in	
  plugins	
  that	
  interoperate	
  with	
  standard	
  authenKcaKon	
  and	
  
              authorizaKon	
  protocols	
  and	
  services,	
  such	
  as,	
  LDAP	
  and	
  SAML.	
  
  6.6.7	
  …	
  a	
  PSM	
  mapping	
  of	
  the	
  DDS-­‐RTPS	
  Interoperability	
  Wire	
  Protocol	
  to	
  a	
  
              secure	
  transport,	
  such	
  as,	
  DTLS.	
  
  6.6.8	
  …	
  a	
  PSM	
  of	
  the	
  DDS-­‐RTPS	
  Interoperability	
  Wire	
  Protocol	
  allowing	
  
              interoperability	
  over	
  UnidirecKonal	
  Transports.	
  

  3/21/13	
                           ©	
  2012	
  Real-­‐Time	
  InnovaKons,	
  Inc.	
  	
  -­‐	
  	
  All	
  rights	
  reserved	
     16	
  
Summary	
  of	
  DDS	
  Security	
  spec.	
  


3/21/13	
              ©	
  2012	
  Real-­‐Time	
  InnovaKons,	
  Inc.	
  	
  -­‐	
  	
  All	
  rights	
  reserved	
     17	
  
Submission	
  Guiding	
  Principles	
  
•  Performance	
  &	
  Scalability	
  
        –  Do	
  not	
  impact	
  parts	
  of	
  the	
  system	
  that	
  do	
  not	
  have	
  security	
  needs	
  
        –  Allow	
  opKng	
  out	
  of	
  specific	
  features	
  such	
  as	
  MAC,	
  EncrypKon.	
  Digital	
  Signature	
  with	
  sufficient	
  
           granularity	
  
        –  Limit	
  use	
  of	
  asymmetric	
  keys	
  to	
  discovery	
  &	
  session	
  establishment	
  	
  
        –  Support	
  MulKcast	
  
•  Robustness	
  &	
  Availability	
  
        –       Be	
  robust	
  to	
  the	
  failure	
  or	
  compromise	
  of	
  any	
  single	
  component.	
  
        –       Limit	
  privileges	
  of	
  infrastructure	
  services	
  and	
  relays	
  
        –       Avoid	
  centralized	
  policy	
  decisions/services	
  
        –       Avoid	
  mulK-­‐party	
  key	
  agreement	
  protocols	
  
•  Fitness	
  to	
  data-­‐centric	
  model	
  
        –  Express	
  policies	
  and	
  permissions	
  in	
  terms	
  of	
  familiar	
  DDS	
  terminology	
  and	
  objects	
  
        –  Support	
  all	
  of	
  DDS:	
  consumpKon	
  of	
  samples	
  out	
  of	
  order,	
  best	
  efforts,	
  Kme	
  filters,	
  history	
  cache,	
  
           etc.	
  
•  Leverage	
  exis:ng	
  technologies	
  
        –  Support	
  plugging	
  in	
  exiKng	
  technologies	
  for	
  ciphers,	
  MAC,	
  PKI	
  
•  Ease	
  of	
  use	
  &	
  Flexibility	
  
        –  DO	
  not	
  preclude	
  integraKng	
  with	
  their	
  exisKng	
  security	
  and	
  crypto	
  infrastructure.	
  
      3/21/13	
                                      ©	
  2012	
  Real-­‐Time	
  InnovaKons,	
  Inc.	
  	
  -­‐	
  	
  All	
  rights	
  reserved	
     18	
  
Audience	
  and	
  Purpose	
  for	
  this	
  SpecificaKon	
  
 •  Audience:	
  
        –  DDS	
  vendors/implementers,	
  not	
  the	
  users	
  of	
  DDS	
  
 •  Purpose:	
  
        –  Define	
  a	
  Security	
  Model	
  for	
  DDS	
  systems	
  
        –  Define	
  concrete	
  IntercepKon	
  points	
  in	
  the	
  middleware	
  
           where	
  SPI	
  interfaces	
  must	
  be	
  called	
  
        –  Define	
  concrete	
  SPI	
  Interfaces	
  vendors	
  must	
  invoke	
  at	
  the	
  
           IntercepKon	
  Points	
  and	
  the	
  behavior	
  upon	
  various	
  
           returns	
  
        –  Define	
  specific	
  SPI	
  implementaKons	
  to	
  the	
  extent	
  
           required	
  for	
  interoperability	
  
        –  NOT	
  guidance	
  to	
  users	
  implemenKng	
  secure	
  DDS	
  systems	
  
        –  NOT	
  definiKon	
  of	
  security	
  technologies	
  beyond	
  what	
  is	
  
           required	
  to	
  implement	
  the	
  specificaKon	
  

  3/21/13	
                     ©	
  2012	
  Real-­‐Time	
  InnovaKons,	
  Inc.	
  	
  -­‐	
  	
  All	
  rights	
  reserved	
     19	
  
DDS	
  Security	
  covers	
  4	
  related	
  concerns	
  

                                Security	
  Model	
  


        Security	
  Plugin	
                                                                                    DDS	
  &	
  RTPS	
  support	
  
        APIs	
  &	
  Behavior	
                                                                                      for	
  Security	
  



                Buil:n	
  Plugins	
  
  3/21/13	
                      ©	
  2012	
  Real-­‐Time	
  InnovaKons,	
  Inc.	
  	
  -­‐	
  	
  All	
  rights	
  reserved	
               20	
  
Security	
  Model	
  


3/21/13	
             ©	
  2012	
  Real-­‐Time	
  InnovaKons,	
  Inc.	
  	
  -­‐	
  	
  All	
  rights	
  reserved	
     21	
  
MR#	
  6.5.1	
  
  Security	
  Model	
  
  •  A	
  security	
  model	
  is	
  defined	
  in	
  terms	
  of:	
  
              –  The	
  subjects	
  (principals)	
  
              –  The	
  objects	
  being	
  protected	
  
                  •  The	
  operaKons	
  that	
  are	
  protected	
  on	
  the	
  objects	
  
              –  Access	
  Control	
  Model	
  
                  •  A	
  way	
  to	
  map	
  each	
  subject	
  to	
  the	
  objects	
  they	
  can	
  
                     perform	
  operaKons	
  on	
  and	
  which	
  are	
  the	
  allowed	
  
                     operaKons	
  




3/21/13	
                            ©	
  2012	
  Real-­‐Time	
  InnovaKons,	
  Inc.	
  	
  -­‐	
  	
  All	
  rights	
  reserved	
                        22	
  
Security	
  Model	
  Example:	
  
    UNIX	
  FileSystem	
  (simplified)	
  
•  Subjects:	
  	
  Users,	
  specifically	
  processes	
  execuKng	
  on	
  behalf	
  of	
  a	
  specific	
  userid	
  
•  Protected	
  Objects:	
  	
  Files	
  and	
  Directories	
  
•  Protected	
  OperaKons	
  on	
  Objects:	
  
    –  Directory.list,	
  Directory.createFile,	
  Directory.createDir,	
  Directory.removeFile,	
  
       Directory.removeDir,	
  Directory.renameFile	
  
    –  File.view,	
  File.modify,	
  File.execute	
  
•  Access	
  Control	
  Model:	
  
    –  A	
  subject	
  is	
  given	
  a	
  userId	
  and	
  a	
  set	
  of	
  	
  groupId	
  
    –  Each	
  object	
  is	
  assigned	
  a	
  OWNER	
  and	
  a	
  GROUP	
  
    –  Each	
  Object	
  is	
  given	
  a	
  combinaKon	
  of	
  READ,	
  WRITE,	
  EXECUTE	
  permissions	
  
       for	
  the	
  assigned	
  OWNER	
  and	
  GROUP	
  
    –  Each	
  protected	
  operaKon	
  is	
  mapped	
  to	
  a	
  check,	
  for	
  example	
  
                •  	
  File.view	
  is	
  allowed	
  if	
  and	
  only	
  if	
  	
  
                          –  File.owner	
  ==	
  Subject.userId	
  AND	
  File.permissions(OWNER)	
  includes	
  READ	
  
                          –  OR	
  File.group	
  IS-­‐IN	
  Subject.groupId[]	
  	
  AND	
  File.permissions(GROUP)	
  includes	
  READ	
  
  3/21/13	
                                             ©	
  2012	
  Real-­‐Time	
  InnovaKons,	
  Inc.	
  	
  -­‐	
  	
  All	
  rights	
  reserved	
     23	
  
MR#	
  6.5.1	
  
    DDS	
  Security	
  Model	
  
•  Subjects:	
  	
  DDS	
  DomainParKcipant	
  (ParKcipant	
  GUID)	
  
•  Protected	
  Objects:	
  	
  DDS	
  Domain	
  and	
  DDS	
  Topic	
  
•  Protected	
  Opera:ons	
  on	
  Objects	
  (logical	
  view):	
  
    –  DomainParKcipant.join	
  
    –  DomainParKcipant.add_read_parKKon	
  
    –  DomainParKcipant.add_write_parKKon	
  
    –  Topic.create	
  
    –  Topic.set_qos	
  
    –  Topic.set_reader_qos	
  
    –  Topic.read	
  
    –  Topic.set_writer_qos	
  
    –  Topic.write	
  
    –  Topic.create_instance	
  
    –  Topic.update_instance	
  
    –  Topic.dispose_instance	
  
  3/21/13	
                       ©	
  2012	
  Real-­‐Time	
  InnovaKons,	
  Inc.	
  	
  -­‐	
  	
  All	
  rights	
  reserved	
                        24	
  
MR#	
  6.5.1	
  
Mapping	
  of	
  DDS	
  API	
  to	
  protected	
  operaKons	
  
DDS	
  API	
  Call	
  	
                                                   Protected	
  Opera:on	
  
DomainParKcipantFactory.create_parKcipant	
  
Discovery.match_remote_parKcipant	
                                        DomainParKcipant.join	
  
DomainParKcipant.create_publisher	
  
Publisher.set_qos	
  
                                                                           DomainParKcipant.add_write_parKKon	
  
DomainParKcipant.create_subscriber	
  
Subscriber.set_qos	
  
                                                                           DomainParKcipant.add_read_parKKon	
  

DomainParKcipant.create_topic	
  
Discovery.dicover_topic	
  
                                                                           Topic.create,	
  Topic.seq_qos	
  
Topic.set_qos	
  
                                                                           Topic.set_qos	
  
Subscriber.create_datareader	
  
Discovery.dicover_datareader	
  
                                                                           Topic.read,	
  Topic.set_reader_qos	
  
DataReader.set_qos	
  
Discovery.change_datareader_qos	
  
                                                                           Topic.set_reader_qos	
  
Publisher.create_datawriter	
  
Discovery.dicover_datawriter	
  
                                                                           Topic.write,	
  Topic.set_writer_qos	
  
DataWriter.set_qos	
  
Discovery.change_datawriter_qos	
  
                                                                           Topic.set_writer_qos	
  
DataWriter.register_instance	
  
DataWriter.write	
  
                                                                           Topic.create_instance	
  
Protocol.receive_instance_new	
  
DataWriter.dispose	
  
  3/21/13	
  
Protocol.receive_dispose	
  
                                                                           Topic.dispose_instance	
  
                                                ©	
  2012	
  Real-­‐Time	
  InnovaKons,	
  Inc.	
  	
  -­‐	
  	
  All	
  rights	
  reserved	
                        25	
  
DDS	
  &	
  RTPS	
  Support	
  for	
  Security	
  


3/21/13	
               ©	
  2012	
  Real-­‐Time	
  InnovaKons,	
  Inc.	
  	
  -­‐	
  	
  All	
  rights	
  reserved	
     26	
  
Support	
  for	
  Security	
  in	
  DDS	
  &	
  RTPS	
  
  •  DDS	
  ParKcipants	
  need	
  to	
  exchange	
  security	
  
     informaKon	
  
              –  CerKficates	
  for	
  AuthenKcaKon	
  &	
  Permissions	
  
              –  Handshake	
  messages	
  for	
  mutual	
  authenKcaKon	
  and	
  
                 shared-­‐secret	
  establishment	
  
              –  KeyTokens	
  for	
  key-­‐exchange	
  
  •  These	
  messages	
  reuse	
  exisKng	
  DDS	
  mechanisms	
  
              –  Discovery	
  topics	
  
              –  BuilKn	
  data	
  readers	
  /	
  writers	
  
  •  EncrypKon	
  and	
  signatures	
  introduce	
  new	
  RTPS	
  
     Submessage	
  and	
  Submessage	
  elements	
  
              –  SecureSubMessage	
  
              –  SecuredData	
  

3/21/13	
                             ©	
  2012	
  Real-­‐Time	
  InnovaKons,	
  Inc.	
  	
  -­‐	
  	
  All	
  rights	
  reserved	
     27	
  
Security	
  informaKon	
  propagated	
  via	
  DDS	
  
     discovery	
                struct	
  Property	
  {	
  
                                                                                                 	
  	
  	
  	
  string<>	
  name;	
  
2	
  addiKonal	
  aRributes	
  added	
                                                           	
  	
  	
  	
  string<>	
  value;	
  
     to	
                                                                                        };	
  
                                                                                                 typedef	
  sequence<Property>	
  
     ParKcipantBuilKnTopicData:	
  
                                                                                                 	
  	
  	
  	
  PropertySeq;	
  

                                     struct	
  Token	
  {	
  
IdenKtyToken	
  idenKty;	
           	
  	
  	
  	
  string<>	
  token_classid;	
  
PermissionsToken	
  permissions;	
   	
  	
  	
  	
  string<>	
  wrapper_classid;	
  
                                                                                                 	
  	
  	
  	
  PropertySeq	
  properKes;	
  
                                                                                                 	
  	
  	
  	
  sequence<octet>	
  value;	
  
                                                                                                 	
  	
  	
  	
  sequence<octet>	
  wrapped_value;	
  
                                                                                                 };	
  	
  

                                                                                                 typedef	
  Token	
  Iden:tyToken;	
  
                                                                                                 typedef	
  Token	
  PermissionsToken;	
  
   3/21/13	
                  ©	
  2012	
  Real-­‐Time	
  InnovaKons,	
  Inc.	
  	
  -­‐	
  	
  All	
  rights	
  reserved	
                     28	
  
Security	
  informaKon	
  exchanged	
  via	
  
BuilKnParKcipantMessageWriter	
  
 typedef	
  Token	
  CryptoToken;	
  
 sequence<CryptoToken>	
  CryptoTokenSeq;	
  

                                                                                                              4	
  addiKonal	
  kinds:	
  
                                                                                                              KIND_SECURITY_AUTH_HANDSHAKE	
  
                                                                                                              KIND_SECURITY_PARTICIPANT_CRYPTO_TOKENS	
  
struct	
  CryptoTokensMsg	
  {	
                                                                              KIND_SECURITY_DATAWRITER_CRYPTO_TOKENS	
  
	
  	
  	
  	
  octet	
  sending_guid[16];	
                                                                  KIND_SECURITY_DATAREADER_CRYPTO_TOKENS	
  
	
  	
  	
  	
  octet	
  receiving_guid[16];	
  
	
  	
  	
  	
  CryptoTokenSeq	
  crypto_tokens;	
  
};	
  
typedef	
  Token	
  	
  	
  	
  	
  	
  	
  	
  	
  	
  	
  	
  	
  	
  	
  	
  	
  	
  	
  	
  	
  	
  	
  	
  HandshakeTokenMsg;	
  
typedef	
  CryptoTokensMsg	
  	
  Par:cipantCryptoTokensMsg;	
  
typedef	
  CryptoTokensMsg	
  	
  DatawriterCryptoTokensMsg;	
  
typedef	
  CryptoTokensMsg	
  	
  DatareaderCryptoTokensMsg;	
  

       3/21/13	
                                           ©	
  2012	
  Real-­‐Time	
  InnovaKons,	
  Inc.	
  	
  -­‐	
  	
  All	
  rights	
  reserved	
     29	
  
BuilKnParKcipantMessageWriter	
  


typedef	
  	
  octet	
  GuidPrefix_t[12];	
  
typedef	
  	
  octet	
  Par:cipantMessageDataKind[4];	
  

struct	
  Par:cipantMessageData	
  {	
  	
  
	
  	
  	
  	
  GuidPrefix_t	
  par:cipantGuidPrefix;	
  //@Key	
  
	
  	
  	
  	
  Par:cipantMessageDataKind	
  	
  	
  	
  kind;	
  //@Key	
  
	
  	
  	
  	
  sequence<octet>	
  data;	
  
};	
  


  3/21/13	
                 ©	
  2012	
  Real-­‐Time	
  InnovaKons,	
  Inc.	
  	
  -­‐	
  	
  All	
  rights	
  reserved	
     30	
  
Background:	
  RTPS	
  
     RTPS	
  Message	
                          RTPS	
  SubMessage	
  
      RTPS	
  Header	
                            SubMsg	
  Header	
  

RTPS	
  SubMessage	
                           SubMsg	
  Element	
  

RTPS	
  SubMessage	
                           SubMsg	
  Element	
  

RTPS	
  SubMessage	
                                 SerializedData	
  


RTPS	
  SubMessage	
  




3/21/13	
                  ©	
  2012	
  Real-­‐Time	
  InnovaKons,	
  Inc.	
  	
  -­‐	
  	
  All	
  rights	
  reserved	
     31	
  
Cryptographic	
  SPI	
  at	
  the	
  wire-­‐protocol	
  level	
  
                                                                    Message	
  TransformaKon	
  
             RTPS	
  Header	
                                                                           RTPS	
  Header	
  

      RTPS	
  SubMessage	
                                                                         RTPS	
  SubMessage	
  (*)	
  
                                                                      Secure	
  encoding	
  
                                                                                                   RTPS	
  SubMessage	
  (*)	
  
           SerializedData	
  
                                                                                                     RTPS	
  SubMessage	
  
      RTPS	
  SubMessage	
                                            Secure	
  decoding	
  
                                                                                                        SecuredData	
  

            SerializedData	
                                                                           SerializedData	
  



                                                                                                   RTPS	
  SubMessage	
  (*)	
  

                                                                                                     RTPS	
  SubMessage	
  

                                                                                                        SecuredData	
  

                                                                                                       SerializedData	
  

    ©	
  2012	
  RTI	
  •	
  UNCLASSIFIED	
  •	
  PROPRIETARY	
  
RTPS	
  Header	
                                        RTPS	
  Header	
  

RTPS	
  SubMessage	
                                   RTPS	
  SubMessage	
  

                         encode_seriali
 SerializedData	
                       zed_data	
        SecuredData	
  

                                                          SerializedData	
  
RTPS	
  SubMessage	
  

                                                       RTPS	
  SubMessage	
  
RTPS	
  Header	
                                             RTPS	
  Header	
  
                         encode_datawrite
RTPS	
  SubMessage	
                     r_submessage	
      RTPS	
  SecureSubMsg	
  

                                                              RTPS	
  SubMessage	
  
RTPS	
  SubMessage	
  

                                                              RTPS	
  SubMessage	
  




  RTPS	
  Header	
                                              RTPS	
  Header	
  

                         encode_dataread                     RTPS	
  SecureSubMsg	
  
RTPS	
  SubMessage	
                     er_submessage	
  

                                                              RTPS	
  SubMessage	
  
RTPS	
  SubMessage	
  

                                                              RTPS	
  SubMessage	
  
RTPS	
  Header	
       encode_rtps_message	
          RTPS	
  Header	
  

RTPS	
  SubMessage	
                               RTPS	
  SecureSubMsg	
  

                                                    RTPS	
  SubMessage	
  
RTPS	
  SubMessage	
  

                                                    RTPS	
  SubMessage	
  
RTPS	
  SubMessage	
  

                                                    RTPS	
  SubMessage	
  
RTPS	
  Header	
       encode_rtps_message	
                           RTPS	
  Header	
  

RTPS	
  SubMessage	
                                                  RTPS	
  SecSubMsg	
  
                         enco
                              de_d                                    RTPS	
  SecSubMsg	
  
  SerializedData	
       enco       ataw
                              de_s         riter_
                                   eriali         su b m
                                          zed_d          essag        RTPS	
  SubMessage	
  
                                                 ata	
        e	
  
RTPS	
  SubMessage	
  
                                                                        SecuredData	
  
  SerializedData	
                                                      SerializedData	
  



                                                                      RTPS	
  SecSubMsg	
  

                                                                      RTPS	
  SubMessage	
  

                                                                        SecuredData	
  

                                                                        SerializedData	
  
Security	
  Plugins	
  


3/21/13	
              ©	
  2012	
  Real-­‐Time	
  InnovaKons,	
  Inc.	
  	
  -­‐	
  	
  All	
  rights	
  reserved	
     37	
  
Plaoorm	
  Independent	
  IntercepKon	
  Pts	
  +	
  	
  SPIs	
  	
                                                                            MR#	
  6.5.2	
  
Service Plugin Purpose                                                                                                        Interactions
Authentication   Authenticate the principal that is                                                                           The principal may be an
                 joining a DDS Domain.                                                                                        application/process or the user
                                                                                                                              associated with that application
                 Handshake and establish                                                                                      or process.
                 shared secret between
                                                     Participants may messages to
                 participants                        do mutual authentication and
                                                     establish shared secret
Access Control Decide whether a principal is allowed Protected operations include
               to perform a protected operation.     joining a specific DDS domain,
                                                     creating a Topic, reading a
                                                     Topic, writing a Topic, etc.
Cryptography   Perform the encryption and            Invoked by DDS middleware to
               decryption operations. Create &       encrypt data compute and verify
               Exchange Keys. Compute digests,       MAC, compute & verify Digital
               compute and verify Message            Signatures
               Authentication Codes. Sign and
               verify signatures of messages.
Logging          Log all security relevant events                                                                             Invoked by middleware to log

Data Tagging
   3/21/13	
     Add a data ©	
  2012	
  Real-­‐Time	
  InnovaKons,	
  Inc.	
  	
  -­‐	
  	
  All	
  rights	
  reserved	
  
                            tag for each data sample                                                                                                      38	
  
Plaoorm	
  Independent	
  SPIs	
  	
  MR#	
  6.5.2	
  




3/21/13	
     ©	
  2012	
  Real-­‐Time	
  InnovaKons,	
  Inc.	
  	
  -­‐	
  	
  All	
  rights	
  reserved	
     39	
  
MR#	
  6.5.3	
  
      BuilKn	
  Plugins	
  
SPI	
               Buil:n	
  Plungin	
                                                        Notes	
  
AuthenKcaKon	
      DDS:Auth:PKI-­‐RSA/DSA-­‐DH	
  	
   Uses	
  PKI	
  with	
  a	
  pre-­‐configured	
  shared	
  
                                                        CerKficate	
  Authority.	
  
                                                        DSA	
  and	
  Diffie-­‐Hellman	
  for	
  authenKcaKon	
  
                                                        and	
  key	
  exchange	
  
                                                        Establishes	
  shared	
  secret	
  
AccessControl	
     DDS:Access:PKI-­‐Signed-­‐                                                 Permissions	
  document	
  signed	
  by	
  shared	
  
                    XML-­‐Permissions	
  	
                                                    CerKficate	
  Authority	
  
Cryptography	
      DDS:Crypto:AES-­‐CTR-­‐                                                    Protected	
  key	
  distribuKon	
  
                    HMAC-­‐RSA/DSA-­‐DH	
  	
                                                  AES128	
  and	
  AES256	
  	
  for	
  encrypKon	
  (in	
  
                                                                                               counter	
  mode)	
  
                                                                                               SHA1	
  and	
  SHA256	
  for	
  digest	
  
                                                                                               HMAC-­‐SHA1	
  and	
  HMAC-­‐256	
  for	
  MAC	
  

DataTagging	
       Discovered_EndpointTags	
                                                  Send	
  Tags	
  via	
  Endpoint	
  Discovery	
  

Logging	
           DedicatedDDS_LogTopic	
  

    3/21/13	
                      ©	
  2012	
  Real-­‐Time	
  InnovaKons,	
  Inc.	
  	
  -­‐	
  	
  All	
  rights	
  reserved	
                            40	
  
MR#	
  6.5.4	
  
  Mapping	
  to	
  DDS	
  Language	
  PSMs	
  	
  
  •  Plugin	
  SPIs	
  to	
  be	
  defined	
  using	
  IDL	
  
  •  IDL-­‐to-­‐Language	
  mappings	
  used	
  for	
  each	
  
     Language	
  PSM	
  
  •  No	
  need	
  to	
  define	
  mappings	
  to	
  new	
  Javs5	
  
     PSM	
  and	
  STD-­‐C++	
  PSM	
  
              –  IDL-­‐derived	
  Language	
  PSMs	
  suffice	
  as	
  these	
  are	
  
                 low-­‐level	
  interfaces	
  that	
  will	
  only	
  be	
  exercised	
  by	
  
                 SPI	
  plugin	
  implementers.	
  

  NOTE:	
  IDL	
  file	
  is	
  missing	
  from	
  submission	
  

3/21/13	
                          ©	
  2012	
  Real-­‐Time	
  InnovaKons,	
  Inc.	
  	
  -­‐	
  	
  All	
  rights	
  reserved	
               41	
  
Use	
  of	
  DDS	
  Interoperability	
  Protocol	
                                                                                                MR#	
  6.5.5	
  


 •  Uses:	
  Buil%nPar%cipantMessageWriter/Reader	
  	
  
          –  Msg	
  kind:	
  	
  	
  	
  	
  KIND_SECURITY_AUTH_HANDSHAKE	
  	
  
                •  data:	
  	
  	
  	
  	
  MessageToken	
  
          –  Msg	
  kind:	
  	
  	
  	
  	
  KIND_SECURITY_KEY_TOKEN	
  
                •  Data:	
  	
  	
  	
  KeyToken	
  
 •  Discovery	
  propagates	
  addiKonal	
  security	
  info	
  
          –  Buil:nPar:cipantTopicData	
  
                •  Iden:tyToken	
  	
  	
  	
  	
  	
  	
  	
  	
  	
  [PID_SEC_IDENTITY_TOKEN]	
  
                •  PermissionsToken	
  	
  [PID_SEC_PERMISSIONS_TOKEN]	
  
          –  Buil:nPublica:onTopicData	
  
                •  DataTags	
  	
  	
  	
  	
  	
  	
  	
  	
  	
  	
  	
  	
  	
  	
  	
  	
  	
  [PID_SEC_DATA_TAGS]	
  

  3/21/13	
                                     ©	
  2012	
  Real-­‐Time	
  InnovaKons,	
  Inc.	
  	
  -­‐	
  	
  All	
  rights	
  reserved	
               42	
  
Agenda	
  
  •  Status	
  recap	
  
  •  Summary	
  of	
  submission	
  
  •  What	
  has	
  changed?	
  
  •  Some	
  details	
  
  •  Status	
  &	
  Conclusion	
  




3/21/13	
           ©	
  2012	
  Real-­‐Time	
  InnovaKons,	
  Inc.	
  	
  -­‐	
  	
  All	
  rights	
  reserved	
     43	
  
What	
  has	
  changed	
  
  •  Unified	
  Token	
  representaKons	
  
              –  All	
  Tokens	
  use	
  common	
  data-­‐type	
  
              –  Tokens	
  can	
  be	
  encrypted	
  (wrapped)	
  by	
  key	
  
  •  AuthenKcaKon	
  SPI	
  can	
  now	
  do:	
  
              –  Configurable	
  mulK-­‐step	
  Handshake	
  	
  (subsumes	
  Challenge)	
  
              –  Establishment	
  of	
  Shared	
  Secret	
  
  •  Cryptography	
  SPI	
  
              –  Focuses	
  just	
  on	
  Crypto,	
  MAC,	
  DigitalSignature	
  and	
  
                 KeyExchange	
  
              –  No	
  handshakes	
  anymore	
  
  •  Secure	
  envelopes	
  
              –  Data	
  protected	
  by	
  encrypKon	
  using	
  AES-­‐CTR	
  (as	
  before)	
  
              –  MAC	
  can	
  be	
  used	
  for	
  whole	
  RTPS	
  message	
  (as	
  before)	
  
              –  MAC	
  can	
  be	
  used	
  for	
  part	
  of	
  RTPS	
  message	
  (new)	
  

3/21/13	
                            ©	
  2012	
  Real-­‐Time	
  InnovaKons,	
  Inc.	
  	
  -­‐	
  	
  All	
  rights	
  reserved	
     44	
  
Agenda	
  
  •  Status	
  recap	
  
  •  Summary	
  of	
  submission	
  
  •  What	
  has	
  changed?	
  
  •  Some	
  details	
  
  •  Status	
  &	
  Conclusion	
  




3/21/13	
           ©	
  2012	
  Real-­‐Time	
  InnovaKons,	
  Inc.	
  	
  -­‐	
  	
  All	
  rights	
  reserved	
     45	
  
Tokens	
  are	
  a	
  generic	
  mechanism	
  to	
  pass	
  informaKon	
  
between	
  DDS	
  and	
  SPIs	
  
Token	
  interpretaKon	
  defined	
  by	
  SPI	
  ImplementaKons	
  
Some	
  tokens	
  are	
  propagated	
  via	
  DDS	
  




   3/21/13	
              ©	
  2012	
  Real-­‐Time	
  InnovaKons,	
  Inc.	
  	
  -­‐	
  	
  All	
  rights	
  reserved	
     46	
  
Token	
  RepresentaKon	
  

   typedef string<> TokenClass;
   typedef string<> TokenWrappingClass;

   struct DDS_Property {
       char *property_name;
       char *property_value;
   };

    struct DDS_Token {
      TokenClass token_classid;
      WrappingClass wrapping_classid;
      DDS_PropertySeq properties;
      DDS_OctetSeq value;
      DDS_OctetSeq wrapped_value;
   };
 3/21/13	
       ©	
  2012	
  Real-­‐Time	
  InnovaKons,	
  Inc.	
  	
  -­‐	
  	
  All	
  rights	
  reserved	
     47	
  
AuthenKcaKon	
  


3/21/13	
          ©	
  2012	
  Real-­‐Time	
  InnovaKons,	
  Inc.	
  	
  -­‐	
  	
  All	
  rights	
  reserved	
     48	
  
AuthenKcaKon	
  SPI	
                                                                                                 MR#	
  6.5.2	
  




  3/21/13	
         ©	
  2012	
  Real-­‐Time	
  InnovaKons,	
  Inc.	
  	
  -­‐	
  	
  All	
  rights	
  reserved	
                        49	
  
MR#	
  6.5.2	
  




                                                                                                                Meta-­‐Protocol	
  to	
  
                                                                                                                handshake	
  and	
  
                                                                                                                AuthenKcaKon	
  
                                                                                                                establish	
  shared	
  
3/21/13	
     ©	
  2012	
  Real-­‐Time	
  InnovaKons,	
  Inc.	
  	
  -­‐	
  	
  All	
  rights	
  reserved	
     Behavior	
  
                                                                                                                secret	
            50	
  
BuilKn	
  	
  DDS:Auth:PKI-­‐DSA-­‐DH	
  	
  
•  Uses	
  shared	
  CerKficate	
  Authority	
  (CA)	
  
          –  All	
  ParKcipants	
  pre-­‐configured	
  with	
  shared-­‐CA	
  
•  Performs	
  mutual	
  authenKcaKon	
  between	
  
   discovered	
  parKcipants	
  using	
  the	
  Digital	
  
   Signature	
  Algorithm	
  (DSA)	
  	
  
•  Establishes	
  a	
  shared	
  	
  secret	
  using	
  Diffie-­‐
   Hellman.	
  



 3/21/13	
                    ©	
  2012	
  Real-­‐Time	
  InnovaKons,	
  Inc.	
  	
  -­‐	
  	
  All	
  rights	
  reserved	
     51	
  
ConfiguraKon	
  of	
  Auth:PKI-­‐DS-­‐DH	
  
  •  Three	
  things:	
  
              –  X.509	
  cerKficate	
  that	
  defines	
  the	
  shared	
  CA.	
  This	
  
                 cerKficate	
  contains	
  the	
  Public	
  Key	
  of	
  the	
  CA.	
  
              –  RSA	
  private	
  key	
  of	
  the	
  DomainParKcipant.	
  	
  
              –  An	
  X.509	
  cerKficate	
  that	
  chains	
  up	
  to	
  the	
  CA,	
  that	
  
                 binds	
  the	
  DomainParKcipant	
  public	
  key	
  	
  to	
  the	
  
                 disKnguished	
  name	
  (subject	
  name)	
  for	
  the	
  
                 parKcipant	
  and	
  any	
  intermediate	
  CA	
  cerKficates	
  
                 required	
  to	
  build	
  the	
  chain	
  
  •  ConfiguraKon	
  API	
  outside	
  scope	
  of	
  specificaKon	
  
              –  Vendors	
  can	
  use	
  file,	
  QoS	
  property,	
  etc.	
  

3/21/13	
                            ©	
  2012	
  Real-­‐Time	
  InnovaKons,	
  Inc.	
  	
  -­‐	
  	
  All	
  rights	
  reserved	
     52	
  
Behavior	
  of	
  Auth:PKI-­‐DS-­‐DH	
  
  •  validate_local_parKcipant	
  
              –  IdenKtyCredenKalToken	
  has	
  X.509	
  cerKficate	
  	
  
              –  Validates	
  cerKficate	
  against	
  CA	
  
  •  validate_remote_parKcipant	
  
              –  Receives	
  X.509	
  cert	
  of	
  remote	
  parKcipant	
  in	
  
                 IdenKtyToken	
  
              –  Validates	
  X.509	
  cert	
  against	
  CA	
  
              –  Does	
  3-­‐message	
  handshake	
  to:	
  
                  •  verify	
  possession	
  of	
  private	
  key	
  	
  
                  •  establish	
  SharedSecret	
  

3/21/13	
                            ©	
  2012	
  Real-­‐Time	
  InnovaKons,	
  Inc.	
  	
  -­‐	
  	
  All	
  rights	
  reserved	
     53	
  
Remote	
  ParKcipant	
  AuthenKcaKon	
  



ParKcipants	
  receive	
  X.509	
  Cert	
  of	
  remote	
  parKcipant	
  via	
  
discovery	
  




  3/21/13	
               ©	
  2012	
  Real-­‐Time	
  InnovaKons,	
  Inc.	
  	
  -­‐	
  	
  All	
  rights	
  reserved	
     54	
  
Remote	
  ParKcipant	
  AuthenKcaKon	
  




Each	
  ParKcipant	
  calls	
  validate_remote_idenKty()	
  this	
  
checks	
  remote	
  X.509	
  Cert	
  against	
  locally-­‐configured	
  	
  CA	
  
ParKcipant	
  with	
  highest	
  GUID	
  returns	
  
PENDING_HANDSHAKE_REQUEST,	
  the	
  other	
  
PENDING_HANDSAHKE_MESSAGE	
  



  3/21/13	
                ©	
  2012	
  Real-­‐Time	
  InnovaKons,	
  Inc.	
  	
  -­‐	
  	
  All	
  rights	
  reserved	
     55	
  
Remote	
  ParKcipant	
  AuthenKcaKon	
  




ParKcipant1	
  creates	
  CHALLENGE1	
  =	
  “CHALLENGE:<nonce>	
  
and	
  sends	
  message	
  via	
  ParKcipantMessageWriter	
  with	
  
MessageToken	
  :=	
  {CHALLENGE1}	
  



  3/21/13	
           ©	
  2012	
  Real-­‐Time	
  InnovaKons,	
  Inc.	
  	
  -­‐	
  	
  All	
  rights	
  reserved	
     56	
  
Remote	
  ParKcipant	
  AuthenKcaKon	
  




ParKcipant2	
  creates	
  CHALLENGE2	
  :=	
  CHALLENGE:<nonce>	
  
ParKcipant2	
  	
  sends	
  to	
  ParKcipant1	
  message	
  with	
  	
  
MessageToken	
  :=	
  {SIGN(CHALLENGE1),	
  CHALLENGE2}	
  

 3/21/13	
            ©	
  2012	
  Real-­‐Time	
  InnovaKons,	
  Inc.	
  	
  -­‐	
  	
  All	
  rights	
  reserved	
     57	
  
Remote	
  ParKcipant	
  AuthenKcaKon	
  




Part1	
  verifies	
  SIGN(CHALLENGE1)	
  using	
  Part2’s	
  PK	
  
Part1	
  	
  computes	
  a	
  SharedSecret	
  
Part1	
  sends	
  message	
  with	
  contents:	
  
MessageToken	
  :=	
  {SIGN(CHALLENGE2),	
  ENCRYPT(SharedSecret)}	
  
Encrypt	
  uses	
  Part2’s	
  PK.	
  




   3/21/13	
            ©	
  2012	
  Real-­‐Time	
  InnovaKons,	
  Inc.	
  	
  -­‐	
  	
  All	
  rights	
  reserved	
     58	
  
Remote	
  ParKcipant	
  AuthenKcaKon	
  




Part2	
  verifies	
  SIGN(CHALLENGE2)	
  using	
  Part1’s	
  PK	
  
Part2	
  	
  decrypts	
  SharedSecret	
  using	
  its	
  own	
  PK	
  




We	
  have	
  Mutual	
  Authen:ca:on	
  and	
  a	
  SharedSecret	
  
   3/21/13	
                   ©	
  2012	
  Real-­‐Time	
  InnovaKons,	
  Inc.	
  	
  -­‐	
  	
  All	
  rights	
  reserved	
     59	
  
Access	
  Control	
  


3/21/13	
              ©	
  2012	
  Real-­‐Time	
  InnovaKons,	
  Inc.	
  	
  -­‐	
  	
  All	
  rights	
  reserved	
     60	
  
MR#	
  6.5.2	
  




                                                                                                      Access	
  Control	
  SPI	
  
3/21/13	
     ©	
  2012	
  Real-­‐Time	
  InnovaKons,	
  Inc.	
  	
  -­‐	
  	
  All	
  rights	
  reserved	
                        61	
  
BuilKn	
  	
  DDS:AC:PKI	
  	
  SPI	
  
•  Configured	
  with:	
  
          –  X.509	
  CerKficate	
  of	
  shared	
  Permissions	
  CA	
  
          –  PermissionsCredenKalToken	
  
•  PermissionsCredenKalToken	
  contains	
  
          –  XML	
  file	
  with	
  permissions	
  
          –  Includes	
  SubjectName	
  matching	
  the	
  one	
  on	
  
             IdenKtyCredenKalToken	
  
          –  All	
  signed	
  by	
  Permissions	
  CA	
  

          This	
  binds	
  the	
  permissions	
  to	
  the	
  idenKty	
  established	
  by	
  
            the	
  AuthenKcaKonPlugin	
  

 3/21/13	
                       ©	
  2012	
  Real-­‐Time	
  InnovaKons,	
  Inc.	
  	
  -­‐	
  	
  All	
  rights	
  reserved	
     62	
  
Example	
  Permissions	
  


3/21/13	
     ©	
  2012	
  Real-­‐Time	
  InnovaKons,	
  Inc.	
  	
  -­‐	
  	
  All	
  rights	
  reserved	
                 63	
  
Cryptographic	
  


3/21/13	
            ©	
  2012	
  Real-­‐Time	
  InnovaKons,	
  Inc.	
  	
  -­‐	
  	
  All	
  rights	
  reserved	
     64	
  
Cryptographic	
  




3/21/13	
     ©	
  2012	
  Real-­‐Time	
  InnovaKons,	
  Inc.	
  	
  -­‐	
  	
  All	
  rights	
  reserved	
     65	
  
MR#	
  6.5.3	
  
  Crypto-­‐AES-­‐CTR-­‐HMAC-­‐DSA-­‐DH	
  
  •  EncrypKon	
  uses	
  AES	
  in	
  counter	
  mode	
  
              –  Similar	
  to	
  SRTP,	
  but	
  enhanced	
  to	
  support	
  mulKple	
  
                 topics	
  within	
  a	
  single	
  RTPS	
  message	
  and	
  
                 infrastructure	
  services	
  like	
  a	
  relay	
  or	
  persistence	
  
  •  Use	
  of	
  counter	
  mode	
  turns	
  the	
  AES	
  block	
  cipher	
  
     into	
  a	
  stream	
  cipher	
  
              –  Each	
  DDS	
  sample	
  is	
  separately	
  encrypted	
  and	
  can	
  be	
  
                 decrypted	
  without	
  process	
  the	
  previous	
  message	
  
                   •  This	
  is	
  criKcal	
  to	
  support	
  DDS	
  QoS	
  like	
  history,	
  content	
  
                      filters,	
  best-­‐efforts	
  etc.	
  
  •  DSA	
  and	
  Diffie-­‐Hellman	
  used	
  for	
  mutual	
  
     authenKcaKon	
  and	
  secure	
  key	
  exchange	
  

3/21/13	
                              ©	
  2012	
  Real-­‐Time	
  InnovaKons,	
  Inc.	
  	
  -­‐	
  	
  All	
  rights	
  reserved	
               66	
  
BuilKn	
  	
  DDS:Crypto-­‐AES-­‐CTR-­‐HMAC-­‐DSA-­‐
   DH	
  SPI	
  
•  Shared	
  secret	
  used	
  to	
  create	
  a	
  KeyExchangeKey	
  
•  KeyExchangeKey	
  used	
  to	
  send	
  following	
  Master	
  Key	
  Material	
  using	
  the	
  
   BuilKnPublicaKonWriter:	
  
       –  MasterKey	
  
       –  MasterSalt	
  
       –  MasterHMACSalt	
  

•  Based	
  on	
  this	
  the	
  following	
  Key	
  Material	
  is	
  computed:	
  
       –  SessionSalt	
  :=	
  HMAC(MasterKey,"SessionSalt"	
  +	
  MasterSalt	
  +	
  SessionId	
  +	
  0x00)	
  
       	
  	
  	
  [	
  Truncated	
  to	
  128	
  bits]	
  
       –  SessionKey	
  :=	
  HMAC(MasterKey,"SessionKey"	
  +	
  MasterSalt	
  +	
  SessionId	
  +	
  0x01)	
  
       –  SessionHMACKey	
  :=	
  HMAC(MasterKey,"SessionHMACKey"	
  +	
  MasterHMACSalt	
  +	
  SessionId)	
  
       Note:	
  SessionId	
  goes	
  on	
  the	
  EncryptedMessage	
  Envelope	
  

•  EncrypKon	
  uses	
  AES	
  in	
  Counter	
  (CTR)	
  mode	
  
       –  The	
  session	
  counter	
  is	
  sent	
  on	
  EncryptedMessage	
  Envelope.	
  


     3/21/13	
                                ©	
  2012	
  Real-­‐Time	
  InnovaKons,	
  Inc.	
  	
  -­‐	
  	
  All	
  rights	
  reserved	
     67	
  
Conclusion	
  
•  Submission	
  revised	
  based	
  on	
  addiKonal	
  
   implementaKon	
  experience	
  
•  Plugin	
  APIs	
  modified	
  to	
  enhance	
  performance	
  and	
  
   support	
  implementaKons	
  that	
  want	
  to	
  use	
  MIKEY	
  
   exchanges	
  and	
  SRTP	
  style	
  encrypKon	
  
•  A	
  few	
  things	
  are	
  sKll	
  missing	
  
         –  IDL	
  for	
  interfaces	
  
         –  Wire	
  protocol	
  parameter-­‐ID	
  assignment	
  
         –  Resolve	
  inconsistencies	
  in	
  document	
  
         –  Examine	
  is	
  there	
  are	
  special	
  rules	
  that	
  affects	
  ParKKons	
  
•  TargeKng	
  June	
  2013	
  for	
  vote	
  to	
  recommend	
  adopKon	
  


 3/21/13	
                        ©	
  2012	
  Real-­‐Time	
  InnovaKons,	
  Inc.	
  	
  -­‐	
  	
  All	
  rights	
  reserved	
     68	
  
Find	
  out	
  more…	
  
     www.rK.com	
                                                                   dds.omg.org	
  

     community.rK.com	
                                                             www.omg.org	
  

     demo.rK.com	
  

     www.youtube.com/realKmeinnovaKons	
  

     blogs.rK.com	
  

     www.twiRer.com/RealTimeInnov	
  

     www.facebook.com/RTIso`ware	
  

     www.slideshare.net/GerardoPardo	
  
                           ©	
  2012	
  RTI	
  •	
  ALL	
  RIGHTS	
  RESERVED	
                       69	
  

More Related Content

What's hot

OMG DDS Security Submission Presentation (September 2013 - 6th Revised Submis...
OMG DDS Security Submission Presentation (September 2013 - 6th Revised Submis...OMG DDS Security Submission Presentation (September 2013 - 6th Revised Submis...
OMG DDS Security Submission Presentation (September 2013 - 6th Revised Submis...Gerardo Pardo-Castellote
 
Upgrade Your System’s Security - Making the Jump from Connext DDS Professiona...
Upgrade Your System’s Security - Making the Jump from Connext DDS Professiona...Upgrade Your System’s Security - Making the Jump from Connext DDS Professiona...
Upgrade Your System’s Security - Making the Jump from Connext DDS Professiona...Real-Time Innovations (RTI)
 
Cyber security event
Cyber security eventCyber security event
Cyber security eventTryzens
 
Cloud Computing and Security - ISACA Hyderabad Chapter Presentation
Cloud Computing and Security - ISACA Hyderabad Chapter PresentationCloud Computing and Security - ISACA Hyderabad Chapter Presentation
Cloud Computing and Security - ISACA Hyderabad Chapter PresentationVenkateswar Reddy Melachervu
 
Cloud Security: Perception Vs. Reality
Cloud Security: Perception Vs. RealityCloud Security: Perception Vs. Reality
Cloud Security: Perception Vs. RealityInternap
 
Cloud Computing Security Issues
Cloud Computing Security IssuesCloud Computing Security Issues
Cloud Computing Security IssuesStelios Krasadakis
 
Cloud computing security & forensics (manu)
Cloud computing security & forensics (manu)Cloud computing security & forensics (manu)
Cloud computing security & forensics (manu)ClubHack
 
Security Issues of Cloud Computing
Security Issues of Cloud ComputingSecurity Issues of Cloud Computing
Security Issues of Cloud ComputingFalgun Rathod
 
Cloud security and security architecture
Cloud security and security architectureCloud security and security architecture
Cloud security and security architectureVladimir Jirasek
 
Smart Grid Cyber Security Summit Revere
Smart Grid Cyber Security Summit RevereSmart Grid Cyber Security Summit Revere
Smart Grid Cyber Security Summit Reverehhanebeck
 
Moving target-defense
Moving target-defenseMoving target-defense
Moving target-defenseZsolt Nemeth
 
Infrastructure Security by Sivamurthy Hiremath
Infrastructure Security by Sivamurthy HiremathInfrastructure Security by Sivamurthy Hiremath
Infrastructure Security by Sivamurthy HiremathClubHack
 
OpenSplice Security Module
OpenSplice Security ModuleOpenSplice Security Module
OpenSplice Security ModuleAngelo Corsaro
 
SCIT Labs - intrusion tolerant systems
SCIT Labs - intrusion tolerant systemsSCIT Labs - intrusion tolerant systems
SCIT Labs - intrusion tolerant systemsZsolt Nemeth
 

What's hot (20)

OMG DDS Security Submission Presentation (September 2013 - 6th Revised Submis...
OMG DDS Security Submission Presentation (September 2013 - 6th Revised Submis...OMG DDS Security Submission Presentation (September 2013 - 6th Revised Submis...
OMG DDS Security Submission Presentation (September 2013 - 6th Revised Submis...
 
Upgrade Your System’s Security - Making the Jump from Connext DDS Professiona...
Upgrade Your System’s Security - Making the Jump from Connext DDS Professiona...Upgrade Your System’s Security - Making the Jump from Connext DDS Professiona...
Upgrade Your System’s Security - Making the Jump from Connext DDS Professiona...
 
Cyber security event
Cyber security eventCyber security event
Cyber security event
 
Introduction to RTI DDS
Introduction to RTI DDSIntroduction to RTI DDS
Introduction to RTI DDS
 
DDS Secure Intro
DDS Secure IntroDDS Secure Intro
DDS Secure Intro
 
Cloud Computing and Security - ISACA Hyderabad Chapter Presentation
Cloud Computing and Security - ISACA Hyderabad Chapter PresentationCloud Computing and Security - ISACA Hyderabad Chapter Presentation
Cloud Computing and Security - ISACA Hyderabad Chapter Presentation
 
Cloud Security: Perception Vs. Reality
Cloud Security: Perception Vs. RealityCloud Security: Perception Vs. Reality
Cloud Security: Perception Vs. Reality
 
Cloud Computing Security Issues
Cloud Computing Security IssuesCloud Computing Security Issues
Cloud Computing Security Issues
 
Cloud computing security & forensics (manu)
Cloud computing security & forensics (manu)Cloud computing security & forensics (manu)
Cloud computing security & forensics (manu)
 
Security Issues of Cloud Computing
Security Issues of Cloud ComputingSecurity Issues of Cloud Computing
Security Issues of Cloud Computing
 
Cloud computing security
Cloud computing securityCloud computing security
Cloud computing security
 
Cloud security and security architecture
Cloud security and security architectureCloud security and security architecture
Cloud security and security architecture
 
Smart Grid Cyber Security Summit Revere
Smart Grid Cyber Security Summit RevereSmart Grid Cyber Security Summit Revere
Smart Grid Cyber Security Summit Revere
 
Cloud security and adoption
Cloud security and adoptionCloud security and adoption
Cloud security and adoption
 
Cloud Security
Cloud Security Cloud Security
Cloud Security
 
Moving target-defense
Moving target-defenseMoving target-defense
Moving target-defense
 
Infrastructure Security by Sivamurthy Hiremath
Infrastructure Security by Sivamurthy HiremathInfrastructure Security by Sivamurthy Hiremath
Infrastructure Security by Sivamurthy Hiremath
 
OpenSplice Security Module
OpenSplice Security ModuleOpenSplice Security Module
OpenSplice Security Module
 
SCIT Labs - intrusion tolerant systems
SCIT Labs - intrusion tolerant systemsSCIT Labs - intrusion tolerant systems
SCIT Labs - intrusion tolerant systems
 
Cloud security
Cloud securityCloud security
Cloud security
 

Similar to OMG DDS Security. 4th Revised Submission

How Security can be stronger than a Firewall: 13 different ways breaking thro...
How Security can be stronger than a Firewall: 13 different ways breaking thro...How Security can be stronger than a Firewall: 13 different ways breaking thro...
How Security can be stronger than a Firewall: 13 different ways breaking thro...Community Protection Forum
 
Encryption in the Public Cloud: 16 Bits of Advice for Security Techniques
Encryption in the Public Cloud: 16 Bits of Advice for Security TechniquesEncryption in the Public Cloud: 16 Bits of Advice for Security Techniques
Encryption in the Public Cloud: 16 Bits of Advice for Security TechniquesTrend Micro
 
A Study of Data Storage Security Issues in Cloud Computing
A Study of Data Storage Security Issues in Cloud ComputingA Study of Data Storage Security Issues in Cloud Computing
A Study of Data Storage Security Issues in Cloud Computingvivatechijri
 
Peering Through the Cloud Forrester EMEA 2010
Peering Through the Cloud Forrester EMEA 2010Peering Through the Cloud Forrester EMEA 2010
Peering Through the Cloud Forrester EMEA 2010graywilliams
 
How secured and safe is Cloud?
How secured and safe is Cloud?How secured and safe is Cloud?
How secured and safe is Cloud?IRJET Journal
 
Winkler Cloud, ORCON, and Mobility
Winkler Cloud, ORCON, and MobilityWinkler Cloud, ORCON, and Mobility
Winkler Cloud, ORCON, and MobilityVic Winkler
 
iOS application (in)security
iOS application (in)securityiOS application (in)security
iOS application (in)securityiphonepentest
 
[CLASS 2014] Palestra Técnica - Michael Firstenberg
[CLASS 2014] Palestra Técnica - Michael Firstenberg[CLASS 2014] Palestra Técnica - Michael Firstenberg
[CLASS 2014] Palestra Técnica - Michael FirstenbergTI Safe
 
Ma story then_now_webcast_10_17_18
Ma story then_now_webcast_10_17_18Ma story then_now_webcast_10_17_18
Ma story then_now_webcast_10_17_18Zscaler
 
Proposed Model for Enhancing Data Storage Security in Cloud Computing Systems
Proposed Model for Enhancing Data Storage Security in Cloud Computing SystemsProposed Model for Enhancing Data Storage Security in Cloud Computing Systems
Proposed Model for Enhancing Data Storage Security in Cloud Computing SystemsHossam Al-Ansary
 
Ijarcet vol-2-issue-4-1405-1409
Ijarcet vol-2-issue-4-1405-1409Ijarcet vol-2-issue-4-1405-1409
Ijarcet vol-2-issue-4-1405-1409Editor IJARCET
 
Information Leakage Prevention In Cloud Computing
Information Leakage Prevention In Cloud ComputingInformation Leakage Prevention In Cloud Computing
Information Leakage Prevention In Cloud ComputingIJERA Editor
 
ITE v5.0 - Chapter 10
ITE v5.0 - Chapter 10ITE v5.0 - Chapter 10
ITE v5.0 - Chapter 10Irsandi Hasan
 
Overload: Critical Lessons from 15 Years of ICS Vulnerabilities
Overload: Critical Lessons from 15 Years of ICS VulnerabilitiesOverload: Critical Lessons from 15 Years of ICS Vulnerabilities
Overload: Critical Lessons from 15 Years of ICS VulnerabilitiesTripwire
 

Similar to OMG DDS Security. 4th Revised Submission (20)

OMG DDS Security, 3rd revised submission
OMG DDS Security, 3rd revised submissionOMG DDS Security, 3rd revised submission
OMG DDS Security, 3rd revised submission
 
How Security can be stronger than a Firewall: 13 different ways breaking thro...
How Security can be stronger than a Firewall: 13 different ways breaking thro...How Security can be stronger than a Firewall: 13 different ways breaking thro...
How Security can be stronger than a Firewall: 13 different ways breaking thro...
 
Encryption in the Public Cloud: 16 Bits of Advice for Security Techniques
Encryption in the Public Cloud: 16 Bits of Advice for Security TechniquesEncryption in the Public Cloud: 16 Bits of Advice for Security Techniques
Encryption in the Public Cloud: 16 Bits of Advice for Security Techniques
 
A Study of Data Storage Security Issues in Cloud Computing
A Study of Data Storage Security Issues in Cloud ComputingA Study of Data Storage Security Issues in Cloud Computing
A Study of Data Storage Security Issues in Cloud Computing
 
Peering Through the Cloud Forrester EMEA 2010
Peering Through the Cloud Forrester EMEA 2010Peering Through the Cloud Forrester EMEA 2010
Peering Through the Cloud Forrester EMEA 2010
 
How secured and safe is Cloud?
How secured and safe is Cloud?How secured and safe is Cloud?
How secured and safe is Cloud?
 
DDS Security
DDS SecurityDDS Security
DDS Security
 
Cloud computing final show
Cloud computing final   showCloud computing final   show
Cloud computing final show
 
Winkler Cloud, ORCON, and Mobility
Winkler Cloud, ORCON, and MobilityWinkler Cloud, ORCON, and Mobility
Winkler Cloud, ORCON, and Mobility
 
The Network Enabled EOC
The Network Enabled EOCThe Network Enabled EOC
The Network Enabled EOC
 
iOS application (in)security
iOS application (in)securityiOS application (in)security
iOS application (in)security
 
176
176176
176
 
[CLASS 2014] Palestra Técnica - Michael Firstenberg
[CLASS 2014] Palestra Técnica - Michael Firstenberg[CLASS 2014] Palestra Técnica - Michael Firstenberg
[CLASS 2014] Palestra Técnica - Michael Firstenberg
 
Ma story then_now_webcast_10_17_18
Ma story then_now_webcast_10_17_18Ma story then_now_webcast_10_17_18
Ma story then_now_webcast_10_17_18
 
Proposed Model for Enhancing Data Storage Security in Cloud Computing Systems
Proposed Model for Enhancing Data Storage Security in Cloud Computing SystemsProposed Model for Enhancing Data Storage Security in Cloud Computing Systems
Proposed Model for Enhancing Data Storage Security in Cloud Computing Systems
 
cloud-complete.ppt
cloud-complete.pptcloud-complete.ppt
cloud-complete.ppt
 
Ijarcet vol-2-issue-4-1405-1409
Ijarcet vol-2-issue-4-1405-1409Ijarcet vol-2-issue-4-1405-1409
Ijarcet vol-2-issue-4-1405-1409
 
Information Leakage Prevention In Cloud Computing
Information Leakage Prevention In Cloud ComputingInformation Leakage Prevention In Cloud Computing
Information Leakage Prevention In Cloud Computing
 
ITE v5.0 - Chapter 10
ITE v5.0 - Chapter 10ITE v5.0 - Chapter 10
ITE v5.0 - Chapter 10
 
Overload: Critical Lessons from 15 Years of ICS Vulnerabilities
Overload: Critical Lessons from 15 Years of ICS VulnerabilitiesOverload: Critical Lessons from 15 Years of ICS Vulnerabilities
Overload: Critical Lessons from 15 Years of ICS Vulnerabilities
 

More from Gerardo Pardo-Castellote

DDS, the US Navy, and the Need for Distributed Software
DDS, the US Navy,  and the Need for Distributed SoftwareDDS, the US Navy,  and the Need for Distributed Software
DDS, the US Navy, and the Need for Distributed SoftwareGerardo Pardo-Castellote
 
Introduction to DDS: Context, Information Model, Security, and Applications.
Introduction to DDS: Context, Information Model, Security, and Applications.Introduction to DDS: Context, Information Model, Security, and Applications.
Introduction to DDS: Context, Information Model, Security, and Applications.Gerardo Pardo-Castellote
 
A Converged Approach to Standards for Industrial Automation
A Converged Approach to Standards for Industrial AutomationA Converged Approach to Standards for Industrial Automation
A Converged Approach to Standards for Industrial AutomationGerardo Pardo-Castellote
 
DDS-Security Interoperability Demo - March 2018
DDS-Security Interoperability Demo - March 2018DDS-Security Interoperability Demo - March 2018
DDS-Security Interoperability Demo - March 2018Gerardo Pardo-Castellote
 
Applying MBSE to the Industrial IoT: Using SysML with Connext DDS and Simulink
Applying MBSE to the Industrial IoT: Using SysML with Connext DDS and SimulinkApplying MBSE to the Industrial IoT: Using SysML with Connext DDS and Simulink
Applying MBSE to the Industrial IoT: Using SysML with Connext DDS and SimulinkGerardo Pardo-Castellote
 
Deep Dive into the OPC UA / DDS Gateway Specification
Deep Dive into the OPC UA / DDS Gateway SpecificationDeep Dive into the OPC UA / DDS Gateway Specification
Deep Dive into the OPC UA / DDS Gateway SpecificationGerardo Pardo-Castellote
 
DDS for eXtremely Resource Constrained Environments 1.0 Beta
DDS for eXtremely Resource Constrained Environments 1.0 BetaDDS for eXtremely Resource Constrained Environments 1.0 Beta
DDS for eXtremely Resource Constrained Environments 1.0 BetaGerardo Pardo-Castellote
 
DDS-Security Interoperability Demo - December 2017
DDS-Security Interoperability Demo - December 2017DDS-Security Interoperability Demo - December 2017
DDS-Security Interoperability Demo - December 2017Gerardo Pardo-Castellote
 
DDS-Security Interoperability Demo - September 2017
DDS-Security Interoperability Demo - September 2017DDS-Security Interoperability Demo - September 2017
DDS-Security Interoperability Demo - September 2017Gerardo Pardo-Castellote
 
Extensible Types for DDS (DDS-XTYPES) version 1.2
Extensible Types for DDS (DDS-XTYPES) version 1.2Extensible Types for DDS (DDS-XTYPES) version 1.2
Extensible Types for DDS (DDS-XTYPES) version 1.2Gerardo Pardo-Castellote
 
Interface Definition Language (IDL) version 4.2
Interface Definition Language (IDL) version 4.2 Interface Definition Language (IDL) version 4.2
Interface Definition Language (IDL) version 4.2 Gerardo Pardo-Castellote
 
DDS for eXtremely Resource Constrained Environments
DDS for eXtremely Resource Constrained EnvironmentsDDS for eXtremely Resource Constrained Environments
DDS for eXtremely Resource Constrained EnvironmentsGerardo Pardo-Castellote
 
DDS-XRCE - Revised Submission Presentation (September 2017)
DDS-XRCE - Revised Submission Presentation (September 2017)DDS-XRCE - Revised Submission Presentation (September 2017)
DDS-XRCE - Revised Submission Presentation (September 2017)Gerardo Pardo-Castellote
 
DDS-XRCE (Extremely Resource Constrained Environments)
DDS-XRCE (Extremely Resource Constrained Environments)DDS-XRCE (Extremely Resource Constrained Environments)
DDS-XRCE (Extremely Resource Constrained Environments)Gerardo Pardo-Castellote
 
DDS - The Proven Data Connectivity Standard for the Industrial IoT (IIoT)
DDS - The Proven Data Connectivity Standard for the Industrial IoT (IIoT)DDS - The Proven Data Connectivity Standard for the Industrial IoT (IIoT)
DDS - The Proven Data Connectivity Standard for the Industrial IoT (IIoT)Gerardo Pardo-Castellote
 

More from Gerardo Pardo-Castellote (20)

DDS, the US Navy, and the Need for Distributed Software
DDS, the US Navy,  and the Need for Distributed SoftwareDDS, the US Navy,  and the Need for Distributed Software
DDS, the US Navy, and the Need for Distributed Software
 
Introduction to DDS: Context, Information Model, Security, and Applications.
Introduction to DDS: Context, Information Model, Security, and Applications.Introduction to DDS: Context, Information Model, Security, and Applications.
Introduction to DDS: Context, Information Model, Security, and Applications.
 
DDS-TSN OMG Request for Proposals (RFP)
DDS-TSN OMG Request for Proposals (RFP)DDS-TSN OMG Request for Proposals (RFP)
DDS-TSN OMG Request for Proposals (RFP)
 
A Converged Approach to Standards for Industrial Automation
A Converged Approach to Standards for Industrial AutomationA Converged Approach to Standards for Industrial Automation
A Converged Approach to Standards for Industrial Automation
 
Overview of the DDS-XRCE specification
Overview of the DDS-XRCE specificationOverview of the DDS-XRCE specification
Overview of the DDS-XRCE specification
 
DDS-Security Interoperability Demo - March 2018
DDS-Security Interoperability Demo - March 2018DDS-Security Interoperability Demo - March 2018
DDS-Security Interoperability Demo - March 2018
 
Applying MBSE to the Industrial IoT: Using SysML with Connext DDS and Simulink
Applying MBSE to the Industrial IoT: Using SysML with Connext DDS and SimulinkApplying MBSE to the Industrial IoT: Using SysML with Connext DDS and Simulink
Applying MBSE to the Industrial IoT: Using SysML with Connext DDS and Simulink
 
Deep Dive into the OPC UA / DDS Gateway Specification
Deep Dive into the OPC UA / DDS Gateway SpecificationDeep Dive into the OPC UA / DDS Gateway Specification
Deep Dive into the OPC UA / DDS Gateway Specification
 
OPC UA/DDS Gateway version 1.0 Beta
OPC UA/DDS Gateway version 1.0 BetaOPC UA/DDS Gateway version 1.0 Beta
OPC UA/DDS Gateway version 1.0 Beta
 
DDS for eXtremely Resource Constrained Environments 1.0 Beta
DDS for eXtremely Resource Constrained Environments 1.0 BetaDDS for eXtremely Resource Constrained Environments 1.0 Beta
DDS for eXtremely Resource Constrained Environments 1.0 Beta
 
DDS-Security Interoperability Demo - December 2017
DDS-Security Interoperability Demo - December 2017DDS-Security Interoperability Demo - December 2017
DDS-Security Interoperability Demo - December 2017
 
DDS-Security Interoperability Demo - September 2017
DDS-Security Interoperability Demo - September 2017DDS-Security Interoperability Demo - September 2017
DDS-Security Interoperability Demo - September 2017
 
Extensible Types for DDS (DDS-XTYPES) version 1.2
Extensible Types for DDS (DDS-XTYPES) version 1.2Extensible Types for DDS (DDS-XTYPES) version 1.2
Extensible Types for DDS (DDS-XTYPES) version 1.2
 
DDS-Security version 1.1
DDS-Security version 1.1DDS-Security version 1.1
DDS-Security version 1.1
 
Interface Definition Language (IDL) version 4.2
Interface Definition Language (IDL) version 4.2 Interface Definition Language (IDL) version 4.2
Interface Definition Language (IDL) version 4.2
 
DDS Security Specification version 1.0
DDS Security Specification version 1.0DDS Security Specification version 1.0
DDS Security Specification version 1.0
 
DDS for eXtremely Resource Constrained Environments
DDS for eXtremely Resource Constrained EnvironmentsDDS for eXtremely Resource Constrained Environments
DDS for eXtremely Resource Constrained Environments
 
DDS-XRCE - Revised Submission Presentation (September 2017)
DDS-XRCE - Revised Submission Presentation (September 2017)DDS-XRCE - Revised Submission Presentation (September 2017)
DDS-XRCE - Revised Submission Presentation (September 2017)
 
DDS-XRCE (Extremely Resource Constrained Environments)
DDS-XRCE (Extremely Resource Constrained Environments)DDS-XRCE (Extremely Resource Constrained Environments)
DDS-XRCE (Extremely Resource Constrained Environments)
 
DDS - The Proven Data Connectivity Standard for the Industrial IoT (IIoT)
DDS - The Proven Data Connectivity Standard for the Industrial IoT (IIoT)DDS - The Proven Data Connectivity Standard for the Industrial IoT (IIoT)
DDS - The Proven Data Connectivity Standard for the Industrial IoT (IIoT)
 

Recently uploaded

HCI Lesson 1 - Introduction to Human-Computer Interaction.pdf
HCI Lesson 1 - Introduction to Human-Computer Interaction.pdfHCI Lesson 1 - Introduction to Human-Computer Interaction.pdf
HCI Lesson 1 - Introduction to Human-Computer Interaction.pdfROWELL MARQUINA
 
Bitdefender-CSG-Report-creat7534-interactive
Bitdefender-CSG-Report-creat7534-interactiveBitdefender-CSG-Report-creat7534-interactive
Bitdefender-CSG-Report-creat7534-interactivestartupro
 
Automation Ops Series: Session 3 - Solutions management
Automation Ops Series: Session 3 - Solutions managementAutomation Ops Series: Session 3 - Solutions management
Automation Ops Series: Session 3 - Solutions managementDianaGray10
 
Arti Languages Pre Seed Pitchdeck 2024.pdf
Arti Languages Pre Seed Pitchdeck 2024.pdfArti Languages Pre Seed Pitchdeck 2024.pdf
Arti Languages Pre Seed Pitchdeck 2024.pdfwill854175
 
All These Sophisticated Attacks, Can We Really Detect Them - PDF
All These Sophisticated Attacks, Can We Really Detect Them - PDFAll These Sophisticated Attacks, Can We Really Detect Them - PDF
All These Sophisticated Attacks, Can We Really Detect Them - PDFMichael Gough
 
A Glance At The Java Performance Toolbox
A Glance At The Java Performance ToolboxA Glance At The Java Performance Toolbox
A Glance At The Java Performance ToolboxAna-Maria Mihalceanu
 
Transport in Open Pits______SM_MI10415MI
Transport in Open Pits______SM_MI10415MITransport in Open Pits______SM_MI10415MI
Transport in Open Pits______SM_MI10415MIRomil Mishra
 
Connecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfConnecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfNeo4j
 
Software Security in the Real World w/Kelsey Hightower
Software Security in the Real World w/Kelsey HightowerSoftware Security in the Real World w/Kelsey Hightower
Software Security in the Real World w/Kelsey HightowerAnchore
 
Potential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsPotential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsRavi Sanghani
 
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentEmixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentPim van der Noll
 
Accelerating Enterprise Software Engineering with Platformless
Accelerating Enterprise Software Engineering with PlatformlessAccelerating Enterprise Software Engineering with Platformless
Accelerating Enterprise Software Engineering with PlatformlessWSO2
 
Laying the Data Foundations for Artificial Intelligence!
Laying the Data Foundations for Artificial Intelligence!Laying the Data Foundations for Artificial Intelligence!
Laying the Data Foundations for Artificial Intelligence!Memoori
 
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotesMuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotesManik S Magar
 
Which standard is best for your content?
Which standard is best for your content?Which standard is best for your content?
Which standard is best for your content?Rustici Software
 
Introduction-to-Wazuh-and-its-integration.pptx
Introduction-to-Wazuh-and-its-integration.pptxIntroduction-to-Wazuh-and-its-integration.pptx
Introduction-to-Wazuh-and-its-integration.pptxmprakaash5
 
Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security ObservabilityGlenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security Observabilityitnewsafrica
 
Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)Kaya Weers
 
QMMS Lesson 2 - Using MS Excel Formula.pdf
QMMS Lesson 2 - Using MS Excel Formula.pdfQMMS Lesson 2 - Using MS Excel Formula.pdf
QMMS Lesson 2 - Using MS Excel Formula.pdfROWELL MARQUINA
 
Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Farhan Tariq
 

Recently uploaded (20)

HCI Lesson 1 - Introduction to Human-Computer Interaction.pdf
HCI Lesson 1 - Introduction to Human-Computer Interaction.pdfHCI Lesson 1 - Introduction to Human-Computer Interaction.pdf
HCI Lesson 1 - Introduction to Human-Computer Interaction.pdf
 
Bitdefender-CSG-Report-creat7534-interactive
Bitdefender-CSG-Report-creat7534-interactiveBitdefender-CSG-Report-creat7534-interactive
Bitdefender-CSG-Report-creat7534-interactive
 
Automation Ops Series: Session 3 - Solutions management
Automation Ops Series: Session 3 - Solutions managementAutomation Ops Series: Session 3 - Solutions management
Automation Ops Series: Session 3 - Solutions management
 
Arti Languages Pre Seed Pitchdeck 2024.pdf
Arti Languages Pre Seed Pitchdeck 2024.pdfArti Languages Pre Seed Pitchdeck 2024.pdf
Arti Languages Pre Seed Pitchdeck 2024.pdf
 
All These Sophisticated Attacks, Can We Really Detect Them - PDF
All These Sophisticated Attacks, Can We Really Detect Them - PDFAll These Sophisticated Attacks, Can We Really Detect Them - PDF
All These Sophisticated Attacks, Can We Really Detect Them - PDF
 
A Glance At The Java Performance Toolbox
A Glance At The Java Performance ToolboxA Glance At The Java Performance Toolbox
A Glance At The Java Performance Toolbox
 
Transport in Open Pits______SM_MI10415MI
Transport in Open Pits______SM_MI10415MITransport in Open Pits______SM_MI10415MI
Transport in Open Pits______SM_MI10415MI
 
Connecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfConnecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdf
 
Software Security in the Real World w/Kelsey Hightower
Software Security in the Real World w/Kelsey HightowerSoftware Security in the Real World w/Kelsey Hightower
Software Security in the Real World w/Kelsey Hightower
 
Potential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsPotential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and Insights
 
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentEmixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
 
Accelerating Enterprise Software Engineering with Platformless
Accelerating Enterprise Software Engineering with PlatformlessAccelerating Enterprise Software Engineering with Platformless
Accelerating Enterprise Software Engineering with Platformless
 
Laying the Data Foundations for Artificial Intelligence!
Laying the Data Foundations for Artificial Intelligence!Laying the Data Foundations for Artificial Intelligence!
Laying the Data Foundations for Artificial Intelligence!
 
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotesMuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
 
Which standard is best for your content?
Which standard is best for your content?Which standard is best for your content?
Which standard is best for your content?
 
Introduction-to-Wazuh-and-its-integration.pptx
Introduction-to-Wazuh-and-its-integration.pptxIntroduction-to-Wazuh-and-its-integration.pptx
Introduction-to-Wazuh-and-its-integration.pptx
 
Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security ObservabilityGlenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
 
Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)
 
QMMS Lesson 2 - Using MS Excel Formula.pdf
QMMS Lesson 2 - Using MS Excel Formula.pdfQMMS Lesson 2 - Using MS Excel Formula.pdf
QMMS Lesson 2 - Using MS Excel Formula.pdf
 
Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...
 

OMG DDS Security. 4th Revised Submission

  • 1. Your  systems.  Working  as  one.   DDS  SECURITY   4rd  Revised  Submission  (Joint)   mars/2013-­‐03-­‐10   Doc  num:  mars/2013-­‐03-­‐10   SubmiRers:   SpecificaKon  lead:   Real-­‐Time  InnovaKons,  Inc.   Gerardo  Pardo-­‐Castellote,  Ph.D.   PrismTech  Corp.   CTO,  Real-­‐Time  InnovaKons,  Inc.   eProsima  (supporter)   ©  2012  Real-­‐Time  InnovaKons,  Inc.    -­‐    All  rights  reserved  
  • 2. Agenda   •  Status  recap   •  Summary  of  submission   •  What  has  changed?   •  Some  details   •  Status  &  Conclusion   3/21/13   ©  2012  Real-­‐Time  InnovaKons,  Inc.    -­‐    All  rights  reserved   2  
  • 3. Status  recap   •  Started  with  two  separate  submissions  by  RTI   and  PrismTech   –  RTI  submission  focused  on  the  mandatory   requirements  for  an  SPI  Architecture  and  built-­‐in   SPIs   –  PrismTech  discussed  on  the  use  of  technologies   such  as  (MIKEY  /  SRTP)  to  support  the  needs  of   secure  DDS   •  As  of  the  December  2012  meeKng  PrismTech   joined  the  RTI  submission   3/21/13   ©  2012  Real-­‐Time  InnovaKons,  Inc.    -­‐    All  rights  reserved   3  
  • 4. Agenda   •  Status  recap   •  Summary  of  submission   •  What  has  changed?   •  How  the  submission  allows  a  specializaKon  to   use  MIKEY  and  SRTP   •  Status  &  Conclusion   3/21/13   ©  2012  Real-­‐Time  InnovaKons,  Inc.    -­‐    All  rights  reserved   4  
  • 5. Intro  to  DDS  Security  and  scope  of   this  specificaKon   3/21/13   ©  2012  Real-­‐Time  InnovaKons,  Inc.    -­‐    All  rights  reserved   5  
  • 6. Security  as  a  system  problem   •  UlKmately  security  is  a  system  property   –  Involves  hardware,  so`ware,  humans,   procedures…   •  Most  directly  related:   Scope  of   1.  Securing  the  data-­‐centric  bus   the  RFP   2.  IntegraKng  across  security  domains   Out   3.  Securing  the  operaKng  system   of  Scope   4.  Securing  the  hardware  &  so`ware   configuraKon   3/21/13   ©  2012  Real-­‐Time  InnovaKons,  Inc.    -­‐    All  rights  reserved   6  
  • 7. Three  security  boundaries   Ul:mately  you  need  to  implement  the  3  of  them   •  Boundary  security   •  Transport-­‐Level     –  Network  (layer  3)  security   –  Session  (layer  4/5)  security   •  Fine-­‐grained  Data-­‐Centric   Security   Scope  of  the  DDS  Security  RFP   3/21/13   ©  2012  Real-­‐Time  InnovaKons,  Inc.    -­‐    All  rights  reserved   7  
  • 8. Fine-­‐Grained  Data-­‐Centric  Security   Topics   •  Access  control  per  Topic   •  Read  versus-­‐write  permissions   •  Field-­‐specific  permissions   3/21/13   ©  2012  Real-­‐Time  InnovaKons,  Inc.    -­‐    All  rights  reserved   8  
  • 9. Threats   Alice:  Allowed  to  publish  topic  T   1.  Unauthorized  subscripKon   Bob:  Allowed  to  subscribe  to  topic  T   Eve:  Non-­‐authorized  eavesdropper     2.  Unauthorized  publicaKon   Trudy:  Intruder   3.  Tampering  and  replay     Trent:  Trusted  infrastructure  service   Mallory:  Malicious  insider   4.  Unauthorized  access  to  data   by  infrastructure  services     3/21/13   ©  2012  Real-­‐Time  InnovaKons,  Inc.    -­‐    All  rights  reserved   9  
  • 10. Data-­‐centric/mulKcast  Insider  Threats     •  Two  insider  threats  affecKng  (mulKcast)  data-­‐ centric  systems  are  of  unique  significance   1.  Reader  mis-­‐behaves  as  unauthorized  writer   An  applicaKon  uses  knowledge  gained  as  authorized   reader  to  spoof  the  system  as  a  writer   2.  Compromise  of  Infrastructure  Service     A  service  that  is  trusted  to  read  and  write  data  on  behalf   of  others  (e.g.  a    persistence  service  )  becomes   compromised     3/21/13   ©  2012  Real-­‐Time  InnovaKons,  Inc.    -­‐    All  rights  reserved   10  
  • 11. Reader  mis-­‐behaves  as  unauthorized   writer   •  SituaKon:   –  Alice  -­‐    creates  a  Crypto  Key  per  Topic/DataWriter   –  Alice  -­‐  shares  its  Key  with  all  intended  readers  as  needed  to  mulKcast   –  Mallory  –  is  an  authorized  reader  so  it  has  Alice’s  key   –  Mallory  –  behaves  maliciously  and  uses  Alice’s  key  to  create  fake  UDP  messages  pumng   Alice’s  informaKon  (IP,  Port,  GUIDs,  etc.)  but  with  bad  data.   •  ImplicaKons:   –  Bob  sees  message  from  Mallory  and  processes  it  believing  it  is  from  Alice   –  Mallory  can  provide  a  system-­‐wide  failure  for  all  subscribers  to  topic  T,  making  them  process   wrong  data,  delete  instances,     –  Depending  on  the  Topic  this  can  be  catastrophic  for  the  system   •  Notes:   –  The  problem  is  that  all  secrets  shared  by  Alice  and  Bob  are  also  known    to  Mallory   •  So  the  aRack  cannot  be  solved  with  a  MAC  or  HMAC  if  Alice’s  key  is  also  shared  with  all  readers…   –  The  problem  can  be  solved  with  a  digital  signature  but  that  is  1000X  slower  than  a  MAC   3/21/13   ©  2012  Real-­‐Time  InnovaKons,  Inc.    -­‐    All  rights  reserved   11  
  • 12. Summary  of  RFP  requirements   3/21/13   ©  2012  Real-­‐Time  InnovaKons,  Inc.    -­‐    All  rights  reserved   12  
  • 13. RFP  Mandatory  Requirements   Proposals  shall  define  …   6.5.1    …  a  Plaoorm  Independent  Security  Model  for  DDS     independent  of  the  programming  language  used…   6.5.2    …  a  collecKon  of  Plaoorm  Independent  IntercepKon   Points  and    SPIs  …   6.5.3  …    built-­‐in  Plaoorm  Independent  Security  Plugins  that   implement  the  Plaoorm  Independent  Interfaces   6.5.4    …  plaoorm  specific  mappings  for  the  built-­‐in  plugins  to   all  the  language  PSMs  supported  by  DDS   6.5.5  …    how  the  DDS  Interoperability  Wire  Protocol  is  used   to  allow  DDS  applicaKons  to  interoperate  securely   3/21/13   ©  2012  Real-­‐Time  InnovaKons,  Inc.    -­‐    All  rights  reserved   13  
  • 14. Mandatory  Requirements  6.5.1:   Security  Model   The  Security  Model  for  DDS  shall  …   6.5.1.1    …  support  mechanisms  that  establish  the  ability  for  a  DDS  ParKcipant  to  run  in  a   plaoorm   6.5.1.2    …  support  mechanisms  to  configure  and  access  the  credenKals  of  the  underlying   DDS  ParKcipants  …   6.5.1.3  …    allow  specificaKon  of  authorizaKon  policies,  controlling    [1]  Joining  a  DDS  Domain    [2]  Access  to  DDS  Discovery  Data    [3]  Publishing  a  DDS  Topic,    [4]  Subscribing  to  a  DDS  Topic    [5]  Publishing  on  a  DDS  ParKKon,  [6]  Subscribing  on  a  DDS  ParKKon   6.5.1.4    …  include  the  concept  of  data  tagging   6.5.1.5  …    support  mechanism  for  ensuring  data  integrity,  including    [1]  traceability,  pedigree,  and  tamper    [2]  digital  signatures    [3]  data  encrypKon    [4]  use  of  different  keys  for  data  from  different  DataWriters   3/21/13   ©  2012  Real-­‐Time  InnovaKons,  Inc.    -­‐    All  rights  reserved   14  
  • 15. Mandatory  Requirements  6.5.2:     Set  of  IntercepKon  Points  and  SPIs   The  Plugin  SPIs  shall  …   6.5.2.1    …  allow  applicaKons  to  exchange  credenKals  with  a  DDS  ParKcipant    [1]  exchanging  credenKals  for  authenKcaKon    [2]  delegaKon  of  authority  for  authenKcaKon   6.5.2.2    …  allow  an  external  plugin  to  perform  all  the  authorizaKon  funcKons      [1]  full  support  of  the  authorizaKon  policies    [3]  support  delegaKon  of  authority    [4]  support  delegaKon  of  authority  separately  for  each  DDS  Topic   6.5.2.3  …    allow  an  external  plugin  to  perform  all  the  tagging  and  tag-­‐accessing  funcKons   6.5.2.4    …  allow  an  external  plugin  to  perform  all  the  encrypKon  and  decrypKon   funcKons   6.5.2.5  …    external  plugin  to  perform  all  the  digital  signing  and  verificaKon  funcKons   3/21/13   ©  2012  Real-­‐Time  InnovaKons,  Inc.    -­‐    All  rights  reserved   15  
  • 16. RFP  OpKonal  Requirements   Proposals  may  define  authorizaKon  policies  that  control    …   6.6.1  …  the  content  a  DDS  ParKcipant  is  allowed  to  publish  on  a  Topic.   6.6.2  …  the  content  a  DDS  ParKcipant  is  allowed  to  subscribe  on  a  Topic..   6.6.3  …  the  QoS  Policies  a  DDS  ParKcipants  can  use  when  publishing  a  Topic   6.6.4  …  the  QoS  Policies  a  DDS  ParKcipant  can  use  when  subscribing  to  a   Topic.   Proposals  may  define  …   6.6.5  …  data-­‐tagging  plugins  that  apply  different  tags  for  each  data-­‐sample   published  by  a  DDS  DataWriter.   6.6.6  …  built-­‐in  plugins  that  interoperate  with  standard  authenKcaKon  and   authorizaKon  protocols  and  services,  such  as,  LDAP  and  SAML.   6.6.7  …  a  PSM  mapping  of  the  DDS-­‐RTPS  Interoperability  Wire  Protocol  to  a   secure  transport,  such  as,  DTLS.   6.6.8  …  a  PSM  of  the  DDS-­‐RTPS  Interoperability  Wire  Protocol  allowing   interoperability  over  UnidirecKonal  Transports.   3/21/13   ©  2012  Real-­‐Time  InnovaKons,  Inc.    -­‐    All  rights  reserved   16  
  • 17. Summary  of  DDS  Security  spec.   3/21/13   ©  2012  Real-­‐Time  InnovaKons,  Inc.    -­‐    All  rights  reserved   17  
  • 18. Submission  Guiding  Principles   •  Performance  &  Scalability   –  Do  not  impact  parts  of  the  system  that  do  not  have  security  needs   –  Allow  opKng  out  of  specific  features  such  as  MAC,  EncrypKon.  Digital  Signature  with  sufficient   granularity   –  Limit  use  of  asymmetric  keys  to  discovery  &  session  establishment     –  Support  MulKcast   •  Robustness  &  Availability   –  Be  robust  to  the  failure  or  compromise  of  any  single  component.   –  Limit  privileges  of  infrastructure  services  and  relays   –  Avoid  centralized  policy  decisions/services   –  Avoid  mulK-­‐party  key  agreement  protocols   •  Fitness  to  data-­‐centric  model   –  Express  policies  and  permissions  in  terms  of  familiar  DDS  terminology  and  objects   –  Support  all  of  DDS:  consumpKon  of  samples  out  of  order,  best  efforts,  Kme  filters,  history  cache,   etc.   •  Leverage  exis:ng  technologies   –  Support  plugging  in  exiKng  technologies  for  ciphers,  MAC,  PKI   •  Ease  of  use  &  Flexibility   –  DO  not  preclude  integraKng  with  their  exisKng  security  and  crypto  infrastructure.   3/21/13   ©  2012  Real-­‐Time  InnovaKons,  Inc.    -­‐    All  rights  reserved   18  
  • 19. Audience  and  Purpose  for  this  SpecificaKon   •  Audience:   –  DDS  vendors/implementers,  not  the  users  of  DDS   •  Purpose:   –  Define  a  Security  Model  for  DDS  systems   –  Define  concrete  IntercepKon  points  in  the  middleware   where  SPI  interfaces  must  be  called   –  Define  concrete  SPI  Interfaces  vendors  must  invoke  at  the   IntercepKon  Points  and  the  behavior  upon  various   returns   –  Define  specific  SPI  implementaKons  to  the  extent   required  for  interoperability   –  NOT  guidance  to  users  implemenKng  secure  DDS  systems   –  NOT  definiKon  of  security  technologies  beyond  what  is   required  to  implement  the  specificaKon   3/21/13   ©  2012  Real-­‐Time  InnovaKons,  Inc.    -­‐    All  rights  reserved   19  
  • 20. DDS  Security  covers  4  related  concerns   Security  Model   Security  Plugin   DDS  &  RTPS  support   APIs  &  Behavior   for  Security   Buil:n  Plugins   3/21/13   ©  2012  Real-­‐Time  InnovaKons,  Inc.    -­‐    All  rights  reserved   20  
  • 21. Security  Model   3/21/13   ©  2012  Real-­‐Time  InnovaKons,  Inc.    -­‐    All  rights  reserved   21  
  • 22. MR#  6.5.1   Security  Model   •  A  security  model  is  defined  in  terms  of:   –  The  subjects  (principals)   –  The  objects  being  protected   •  The  operaKons  that  are  protected  on  the  objects   –  Access  Control  Model   •  A  way  to  map  each  subject  to  the  objects  they  can   perform  operaKons  on  and  which  are  the  allowed   operaKons   3/21/13   ©  2012  Real-­‐Time  InnovaKons,  Inc.    -­‐    All  rights  reserved   22  
  • 23. Security  Model  Example:   UNIX  FileSystem  (simplified)   •  Subjects:    Users,  specifically  processes  execuKng  on  behalf  of  a  specific  userid   •  Protected  Objects:    Files  and  Directories   •  Protected  OperaKons  on  Objects:   –  Directory.list,  Directory.createFile,  Directory.createDir,  Directory.removeFile,   Directory.removeDir,  Directory.renameFile   –  File.view,  File.modify,  File.execute   •  Access  Control  Model:   –  A  subject  is  given  a  userId  and  a  set  of    groupId   –  Each  object  is  assigned  a  OWNER  and  a  GROUP   –  Each  Object  is  given  a  combinaKon  of  READ,  WRITE,  EXECUTE  permissions   for  the  assigned  OWNER  and  GROUP   –  Each  protected  operaKon  is  mapped  to  a  check,  for  example   •   File.view  is  allowed  if  and  only  if     –  File.owner  ==  Subject.userId  AND  File.permissions(OWNER)  includes  READ   –  OR  File.group  IS-­‐IN  Subject.groupId[]    AND  File.permissions(GROUP)  includes  READ   3/21/13   ©  2012  Real-­‐Time  InnovaKons,  Inc.    -­‐    All  rights  reserved   23  
  • 24. MR#  6.5.1   DDS  Security  Model   •  Subjects:    DDS  DomainParKcipant  (ParKcipant  GUID)   •  Protected  Objects:    DDS  Domain  and  DDS  Topic   •  Protected  Opera:ons  on  Objects  (logical  view):   –  DomainParKcipant.join   –  DomainParKcipant.add_read_parKKon   –  DomainParKcipant.add_write_parKKon   –  Topic.create   –  Topic.set_qos   –  Topic.set_reader_qos   –  Topic.read   –  Topic.set_writer_qos   –  Topic.write   –  Topic.create_instance   –  Topic.update_instance   –  Topic.dispose_instance   3/21/13   ©  2012  Real-­‐Time  InnovaKons,  Inc.    -­‐    All  rights  reserved   24  
  • 25. MR#  6.5.1   Mapping  of  DDS  API  to  protected  operaKons   DDS  API  Call     Protected  Opera:on   DomainParKcipantFactory.create_parKcipant   Discovery.match_remote_parKcipant   DomainParKcipant.join   DomainParKcipant.create_publisher   Publisher.set_qos   DomainParKcipant.add_write_parKKon   DomainParKcipant.create_subscriber   Subscriber.set_qos   DomainParKcipant.add_read_parKKon   DomainParKcipant.create_topic   Discovery.dicover_topic   Topic.create,  Topic.seq_qos   Topic.set_qos   Topic.set_qos   Subscriber.create_datareader   Discovery.dicover_datareader   Topic.read,  Topic.set_reader_qos   DataReader.set_qos   Discovery.change_datareader_qos   Topic.set_reader_qos   Publisher.create_datawriter   Discovery.dicover_datawriter   Topic.write,  Topic.set_writer_qos   DataWriter.set_qos   Discovery.change_datawriter_qos   Topic.set_writer_qos   DataWriter.register_instance   DataWriter.write   Topic.create_instance   Protocol.receive_instance_new   DataWriter.dispose   3/21/13   Protocol.receive_dispose   Topic.dispose_instance   ©  2012  Real-­‐Time  InnovaKons,  Inc.    -­‐    All  rights  reserved   25  
  • 26. DDS  &  RTPS  Support  for  Security   3/21/13   ©  2012  Real-­‐Time  InnovaKons,  Inc.    -­‐    All  rights  reserved   26  
  • 27. Support  for  Security  in  DDS  &  RTPS   •  DDS  ParKcipants  need  to  exchange  security   informaKon   –  CerKficates  for  AuthenKcaKon  &  Permissions   –  Handshake  messages  for  mutual  authenKcaKon  and   shared-­‐secret  establishment   –  KeyTokens  for  key-­‐exchange   •  These  messages  reuse  exisKng  DDS  mechanisms   –  Discovery  topics   –  BuilKn  data  readers  /  writers   •  EncrypKon  and  signatures  introduce  new  RTPS   Submessage  and  Submessage  elements   –  SecureSubMessage   –  SecuredData   3/21/13   ©  2012  Real-­‐Time  InnovaKons,  Inc.    -­‐    All  rights  reserved   27  
  • 28. Security  informaKon  propagated  via  DDS   discovery   struct  Property  {          string<>  name;   2  addiKonal  aRributes  added          string<>  value;   to   };   typedef  sequence<Property>   ParKcipantBuilKnTopicData:          PropertySeq;   struct  Token  {   IdenKtyToken  idenKty;          string<>  token_classid;   PermissionsToken  permissions;          string<>  wrapper_classid;          PropertySeq  properKes;          sequence<octet>  value;          sequence<octet>  wrapped_value;   };     typedef  Token  Iden:tyToken;   typedef  Token  PermissionsToken;   3/21/13   ©  2012  Real-­‐Time  InnovaKons,  Inc.    -­‐    All  rights  reserved   28  
  • 29. Security  informaKon  exchanged  via   BuilKnParKcipantMessageWriter   typedef  Token  CryptoToken;   sequence<CryptoToken>  CryptoTokenSeq;   4  addiKonal  kinds:   KIND_SECURITY_AUTH_HANDSHAKE   KIND_SECURITY_PARTICIPANT_CRYPTO_TOKENS   struct  CryptoTokensMsg  {   KIND_SECURITY_DATAWRITER_CRYPTO_TOKENS          octet  sending_guid[16];   KIND_SECURITY_DATAREADER_CRYPTO_TOKENS          octet  receiving_guid[16];          CryptoTokenSeq  crypto_tokens;   };   typedef  Token                                                HandshakeTokenMsg;   typedef  CryptoTokensMsg    Par:cipantCryptoTokensMsg;   typedef  CryptoTokensMsg    DatawriterCryptoTokensMsg;   typedef  CryptoTokensMsg    DatareaderCryptoTokensMsg;   3/21/13   ©  2012  Real-­‐Time  InnovaKons,  Inc.    -­‐    All  rights  reserved   29  
  • 30. BuilKnParKcipantMessageWriter   typedef    octet  GuidPrefix_t[12];   typedef    octet  Par:cipantMessageDataKind[4];   struct  Par:cipantMessageData  {            GuidPrefix_t  par:cipantGuidPrefix;  //@Key          Par:cipantMessageDataKind        kind;  //@Key          sequence<octet>  data;   };   3/21/13   ©  2012  Real-­‐Time  InnovaKons,  Inc.    -­‐    All  rights  reserved   30  
  • 31. Background:  RTPS   RTPS  Message   RTPS  SubMessage   RTPS  Header   SubMsg  Header   RTPS  SubMessage   SubMsg  Element   RTPS  SubMessage   SubMsg  Element   RTPS  SubMessage   SerializedData   RTPS  SubMessage   3/21/13   ©  2012  Real-­‐Time  InnovaKons,  Inc.    -­‐    All  rights  reserved   31  
  • 32. Cryptographic  SPI  at  the  wire-­‐protocol  level   Message  TransformaKon   RTPS  Header   RTPS  Header   RTPS  SubMessage   RTPS  SubMessage  (*)   Secure  encoding   RTPS  SubMessage  (*)   SerializedData   RTPS  SubMessage   RTPS  SubMessage   Secure  decoding   SecuredData   SerializedData   SerializedData   RTPS  SubMessage  (*)   RTPS  SubMessage   SecuredData   SerializedData   ©  2012  RTI  •  UNCLASSIFIED  •  PROPRIETARY  
  • 33. RTPS  Header   RTPS  Header   RTPS  SubMessage   RTPS  SubMessage   encode_seriali SerializedData   zed_data   SecuredData   SerializedData   RTPS  SubMessage   RTPS  SubMessage  
  • 34. RTPS  Header   RTPS  Header   encode_datawrite RTPS  SubMessage   r_submessage   RTPS  SecureSubMsg   RTPS  SubMessage   RTPS  SubMessage   RTPS  SubMessage   RTPS  Header   RTPS  Header   encode_dataread RTPS  SecureSubMsg   RTPS  SubMessage   er_submessage   RTPS  SubMessage   RTPS  SubMessage   RTPS  SubMessage  
  • 35. RTPS  Header   encode_rtps_message   RTPS  Header   RTPS  SubMessage   RTPS  SecureSubMsg   RTPS  SubMessage   RTPS  SubMessage   RTPS  SubMessage   RTPS  SubMessage   RTPS  SubMessage  
  • 36. RTPS  Header   encode_rtps_message   RTPS  Header   RTPS  SubMessage   RTPS  SecSubMsg   enco de_d RTPS  SecSubMsg   SerializedData   enco ataw de_s riter_ eriali su b m zed_d essag RTPS  SubMessage   ata   e   RTPS  SubMessage   SecuredData   SerializedData   SerializedData   RTPS  SecSubMsg   RTPS  SubMessage   SecuredData   SerializedData  
  • 37. Security  Plugins   3/21/13   ©  2012  Real-­‐Time  InnovaKons,  Inc.    -­‐    All  rights  reserved   37  
  • 38. Plaoorm  Independent  IntercepKon  Pts  +    SPIs     MR#  6.5.2   Service Plugin Purpose Interactions Authentication Authenticate the principal that is The principal may be an joining a DDS Domain. application/process or the user associated with that application Handshake and establish or process. shared secret between Participants may messages to participants do mutual authentication and establish shared secret Access Control Decide whether a principal is allowed Protected operations include to perform a protected operation. joining a specific DDS domain, creating a Topic, reading a Topic, writing a Topic, etc. Cryptography Perform the encryption and Invoked by DDS middleware to decryption operations. Create & encrypt data compute and verify Exchange Keys. Compute digests, MAC, compute & verify Digital compute and verify Message Signatures Authentication Codes. Sign and verify signatures of messages. Logging Log all security relevant events Invoked by middleware to log Data Tagging 3/21/13   Add a data ©  2012  Real-­‐Time  InnovaKons,  Inc.    -­‐    All  rights  reserved   tag for each data sample 38  
  • 39. Plaoorm  Independent  SPIs    MR#  6.5.2   3/21/13   ©  2012  Real-­‐Time  InnovaKons,  Inc.    -­‐    All  rights  reserved   39  
  • 40. MR#  6.5.3   BuilKn  Plugins   SPI   Buil:n  Plungin   Notes   AuthenKcaKon   DDS:Auth:PKI-­‐RSA/DSA-­‐DH     Uses  PKI  with  a  pre-­‐configured  shared   CerKficate  Authority.   DSA  and  Diffie-­‐Hellman  for  authenKcaKon   and  key  exchange   Establishes  shared  secret   AccessControl   DDS:Access:PKI-­‐Signed-­‐ Permissions  document  signed  by  shared   XML-­‐Permissions     CerKficate  Authority   Cryptography   DDS:Crypto:AES-­‐CTR-­‐ Protected  key  distribuKon   HMAC-­‐RSA/DSA-­‐DH     AES128  and  AES256    for  encrypKon  (in   counter  mode)   SHA1  and  SHA256  for  digest   HMAC-­‐SHA1  and  HMAC-­‐256  for  MAC   DataTagging   Discovered_EndpointTags   Send  Tags  via  Endpoint  Discovery   Logging   DedicatedDDS_LogTopic   3/21/13   ©  2012  Real-­‐Time  InnovaKons,  Inc.    -­‐    All  rights  reserved   40  
  • 41. MR#  6.5.4   Mapping  to  DDS  Language  PSMs     •  Plugin  SPIs  to  be  defined  using  IDL   •  IDL-­‐to-­‐Language  mappings  used  for  each   Language  PSM   •  No  need  to  define  mappings  to  new  Javs5   PSM  and  STD-­‐C++  PSM   –  IDL-­‐derived  Language  PSMs  suffice  as  these  are   low-­‐level  interfaces  that  will  only  be  exercised  by   SPI  plugin  implementers.   NOTE:  IDL  file  is  missing  from  submission   3/21/13   ©  2012  Real-­‐Time  InnovaKons,  Inc.    -­‐    All  rights  reserved   41  
  • 42. Use  of  DDS  Interoperability  Protocol   MR#  6.5.5   •  Uses:  Buil%nPar%cipantMessageWriter/Reader     –  Msg  kind:          KIND_SECURITY_AUTH_HANDSHAKE     •  data:          MessageToken   –  Msg  kind:          KIND_SECURITY_KEY_TOKEN   •  Data:        KeyToken   •  Discovery  propagates  addiKonal  security  info   –  Buil:nPar:cipantTopicData   •  Iden:tyToken                    [PID_SEC_IDENTITY_TOKEN]   •  PermissionsToken    [PID_SEC_PERMISSIONS_TOKEN]   –  Buil:nPublica:onTopicData   •  DataTags                                    [PID_SEC_DATA_TAGS]   3/21/13   ©  2012  Real-­‐Time  InnovaKons,  Inc.    -­‐    All  rights  reserved   42  
  • 43. Agenda   •  Status  recap   •  Summary  of  submission   •  What  has  changed?   •  Some  details   •  Status  &  Conclusion   3/21/13   ©  2012  Real-­‐Time  InnovaKons,  Inc.    -­‐    All  rights  reserved   43  
  • 44. What  has  changed   •  Unified  Token  representaKons   –  All  Tokens  use  common  data-­‐type   –  Tokens  can  be  encrypted  (wrapped)  by  key   •  AuthenKcaKon  SPI  can  now  do:   –  Configurable  mulK-­‐step  Handshake    (subsumes  Challenge)   –  Establishment  of  Shared  Secret   •  Cryptography  SPI   –  Focuses  just  on  Crypto,  MAC,  DigitalSignature  and   KeyExchange   –  No  handshakes  anymore   •  Secure  envelopes   –  Data  protected  by  encrypKon  using  AES-­‐CTR  (as  before)   –  MAC  can  be  used  for  whole  RTPS  message  (as  before)   –  MAC  can  be  used  for  part  of  RTPS  message  (new)   3/21/13   ©  2012  Real-­‐Time  InnovaKons,  Inc.    -­‐    All  rights  reserved   44  
  • 45. Agenda   •  Status  recap   •  Summary  of  submission   •  What  has  changed?   •  Some  details   •  Status  &  Conclusion   3/21/13   ©  2012  Real-­‐Time  InnovaKons,  Inc.    -­‐    All  rights  reserved   45  
  • 46. Tokens  are  a  generic  mechanism  to  pass  informaKon   between  DDS  and  SPIs   Token  interpretaKon  defined  by  SPI  ImplementaKons   Some  tokens  are  propagated  via  DDS   3/21/13   ©  2012  Real-­‐Time  InnovaKons,  Inc.    -­‐    All  rights  reserved   46  
  • 47. Token  RepresentaKon   typedef string<> TokenClass; typedef string<> TokenWrappingClass; struct DDS_Property { char *property_name; char *property_value; }; struct DDS_Token { TokenClass token_classid; WrappingClass wrapping_classid; DDS_PropertySeq properties; DDS_OctetSeq value; DDS_OctetSeq wrapped_value; }; 3/21/13   ©  2012  Real-­‐Time  InnovaKons,  Inc.    -­‐    All  rights  reserved   47  
  • 48. AuthenKcaKon   3/21/13   ©  2012  Real-­‐Time  InnovaKons,  Inc.    -­‐    All  rights  reserved   48  
  • 49. AuthenKcaKon  SPI   MR#  6.5.2   3/21/13   ©  2012  Real-­‐Time  InnovaKons,  Inc.    -­‐    All  rights  reserved   49  
  • 50. MR#  6.5.2   Meta-­‐Protocol  to   handshake  and   AuthenKcaKon   establish  shared   3/21/13   ©  2012  Real-­‐Time  InnovaKons,  Inc.    -­‐    All  rights  reserved   Behavior   secret   50  
  • 51. BuilKn    DDS:Auth:PKI-­‐DSA-­‐DH     •  Uses  shared  CerKficate  Authority  (CA)   –  All  ParKcipants  pre-­‐configured  with  shared-­‐CA   •  Performs  mutual  authenKcaKon  between   discovered  parKcipants  using  the  Digital   Signature  Algorithm  (DSA)     •  Establishes  a  shared    secret  using  Diffie-­‐ Hellman.   3/21/13   ©  2012  Real-­‐Time  InnovaKons,  Inc.    -­‐    All  rights  reserved   51  
  • 52. ConfiguraKon  of  Auth:PKI-­‐DS-­‐DH   •  Three  things:   –  X.509  cerKficate  that  defines  the  shared  CA.  This   cerKficate  contains  the  Public  Key  of  the  CA.   –  RSA  private  key  of  the  DomainParKcipant.     –  An  X.509  cerKficate  that  chains  up  to  the  CA,  that   binds  the  DomainParKcipant  public  key    to  the   disKnguished  name  (subject  name)  for  the   parKcipant  and  any  intermediate  CA  cerKficates   required  to  build  the  chain   •  ConfiguraKon  API  outside  scope  of  specificaKon   –  Vendors  can  use  file,  QoS  property,  etc.   3/21/13   ©  2012  Real-­‐Time  InnovaKons,  Inc.    -­‐    All  rights  reserved   52  
  • 53. Behavior  of  Auth:PKI-­‐DS-­‐DH   •  validate_local_parKcipant   –  IdenKtyCredenKalToken  has  X.509  cerKficate     –  Validates  cerKficate  against  CA   •  validate_remote_parKcipant   –  Receives  X.509  cert  of  remote  parKcipant  in   IdenKtyToken   –  Validates  X.509  cert  against  CA   –  Does  3-­‐message  handshake  to:   •  verify  possession  of  private  key     •  establish  SharedSecret   3/21/13   ©  2012  Real-­‐Time  InnovaKons,  Inc.    -­‐    All  rights  reserved   53  
  • 54. Remote  ParKcipant  AuthenKcaKon   ParKcipants  receive  X.509  Cert  of  remote  parKcipant  via   discovery   3/21/13   ©  2012  Real-­‐Time  InnovaKons,  Inc.    -­‐    All  rights  reserved   54  
  • 55. Remote  ParKcipant  AuthenKcaKon   Each  ParKcipant  calls  validate_remote_idenKty()  this   checks  remote  X.509  Cert  against  locally-­‐configured    CA   ParKcipant  with  highest  GUID  returns   PENDING_HANDSHAKE_REQUEST,  the  other   PENDING_HANDSAHKE_MESSAGE   3/21/13   ©  2012  Real-­‐Time  InnovaKons,  Inc.    -­‐    All  rights  reserved   55  
  • 56. Remote  ParKcipant  AuthenKcaKon   ParKcipant1  creates  CHALLENGE1  =  “CHALLENGE:<nonce>   and  sends  message  via  ParKcipantMessageWriter  with   MessageToken  :=  {CHALLENGE1}   3/21/13   ©  2012  Real-­‐Time  InnovaKons,  Inc.    -­‐    All  rights  reserved   56  
  • 57. Remote  ParKcipant  AuthenKcaKon   ParKcipant2  creates  CHALLENGE2  :=  CHALLENGE:<nonce>   ParKcipant2    sends  to  ParKcipant1  message  with     MessageToken  :=  {SIGN(CHALLENGE1),  CHALLENGE2}   3/21/13   ©  2012  Real-­‐Time  InnovaKons,  Inc.    -­‐    All  rights  reserved   57  
  • 58. Remote  ParKcipant  AuthenKcaKon   Part1  verifies  SIGN(CHALLENGE1)  using  Part2’s  PK   Part1    computes  a  SharedSecret   Part1  sends  message  with  contents:   MessageToken  :=  {SIGN(CHALLENGE2),  ENCRYPT(SharedSecret)}   Encrypt  uses  Part2’s  PK.   3/21/13   ©  2012  Real-­‐Time  InnovaKons,  Inc.    -­‐    All  rights  reserved   58  
  • 59. Remote  ParKcipant  AuthenKcaKon   Part2  verifies  SIGN(CHALLENGE2)  using  Part1’s  PK   Part2    decrypts  SharedSecret  using  its  own  PK   We  have  Mutual  Authen:ca:on  and  a  SharedSecret   3/21/13   ©  2012  Real-­‐Time  InnovaKons,  Inc.    -­‐    All  rights  reserved   59  
  • 60. Access  Control   3/21/13   ©  2012  Real-­‐Time  InnovaKons,  Inc.    -­‐    All  rights  reserved   60  
  • 61. MR#  6.5.2   Access  Control  SPI   3/21/13   ©  2012  Real-­‐Time  InnovaKons,  Inc.    -­‐    All  rights  reserved   61  
  • 62. BuilKn    DDS:AC:PKI    SPI   •  Configured  with:   –  X.509  CerKficate  of  shared  Permissions  CA   –  PermissionsCredenKalToken   •  PermissionsCredenKalToken  contains   –  XML  file  with  permissions   –  Includes  SubjectName  matching  the  one  on   IdenKtyCredenKalToken   –  All  signed  by  Permissions  CA   This  binds  the  permissions  to  the  idenKty  established  by   the  AuthenKcaKonPlugin   3/21/13   ©  2012  Real-­‐Time  InnovaKons,  Inc.    -­‐    All  rights  reserved   62  
  • 63. Example  Permissions   3/21/13   ©  2012  Real-­‐Time  InnovaKons,  Inc.    -­‐    All  rights  reserved   63  
  • 64. Cryptographic   3/21/13   ©  2012  Real-­‐Time  InnovaKons,  Inc.    -­‐    All  rights  reserved   64  
  • 65. Cryptographic   3/21/13   ©  2012  Real-­‐Time  InnovaKons,  Inc.    -­‐    All  rights  reserved   65  
  • 66. MR#  6.5.3   Crypto-­‐AES-­‐CTR-­‐HMAC-­‐DSA-­‐DH   •  EncrypKon  uses  AES  in  counter  mode   –  Similar  to  SRTP,  but  enhanced  to  support  mulKple   topics  within  a  single  RTPS  message  and   infrastructure  services  like  a  relay  or  persistence   •  Use  of  counter  mode  turns  the  AES  block  cipher   into  a  stream  cipher   –  Each  DDS  sample  is  separately  encrypted  and  can  be   decrypted  without  process  the  previous  message   •  This  is  criKcal  to  support  DDS  QoS  like  history,  content   filters,  best-­‐efforts  etc.   •  DSA  and  Diffie-­‐Hellman  used  for  mutual   authenKcaKon  and  secure  key  exchange   3/21/13   ©  2012  Real-­‐Time  InnovaKons,  Inc.    -­‐    All  rights  reserved   66  
  • 67. BuilKn    DDS:Crypto-­‐AES-­‐CTR-­‐HMAC-­‐DSA-­‐ DH  SPI   •  Shared  secret  used  to  create  a  KeyExchangeKey   •  KeyExchangeKey  used  to  send  following  Master  Key  Material  using  the   BuilKnPublicaKonWriter:   –  MasterKey   –  MasterSalt   –  MasterHMACSalt   •  Based  on  this  the  following  Key  Material  is  computed:   –  SessionSalt  :=  HMAC(MasterKey,"SessionSalt"  +  MasterSalt  +  SessionId  +  0x00)        [  Truncated  to  128  bits]   –  SessionKey  :=  HMAC(MasterKey,"SessionKey"  +  MasterSalt  +  SessionId  +  0x01)   –  SessionHMACKey  :=  HMAC(MasterKey,"SessionHMACKey"  +  MasterHMACSalt  +  SessionId)   Note:  SessionId  goes  on  the  EncryptedMessage  Envelope   •  EncrypKon  uses  AES  in  Counter  (CTR)  mode   –  The  session  counter  is  sent  on  EncryptedMessage  Envelope.   3/21/13   ©  2012  Real-­‐Time  InnovaKons,  Inc.    -­‐    All  rights  reserved   67  
  • 68. Conclusion   •  Submission  revised  based  on  addiKonal   implementaKon  experience   •  Plugin  APIs  modified  to  enhance  performance  and   support  implementaKons  that  want  to  use  MIKEY   exchanges  and  SRTP  style  encrypKon   •  A  few  things  are  sKll  missing   –  IDL  for  interfaces   –  Wire  protocol  parameter-­‐ID  assignment   –  Resolve  inconsistencies  in  document   –  Examine  is  there  are  special  rules  that  affects  ParKKons   •  TargeKng  June  2013  for  vote  to  recommend  adopKon   3/21/13   ©  2012  Real-­‐Time  InnovaKons,  Inc.    -­‐    All  rights  reserved   68  
  • 69. Find  out  more…   www.rK.com   dds.omg.org   community.rK.com   www.omg.org   demo.rK.com   www.youtube.com/realKmeinnovaKons   blogs.rK.com   www.twiRer.com/RealTimeInnov   www.facebook.com/RTIso`ware   www.slideshare.net/GerardoPardo   ©  2012  RTI  •  ALL  RIGHTS  RESERVED   69