Historically, communication security standards have addressed the creation of a secure channel between two parties, where one of the two plays the role of the client and the other the role of the server. While a secure channel is a key building block for implementing a secure distributed system, it is simply a transport-level abstraction, as a consequence applications or other infrastructural layers have to provide additional higher level abstractions to manage information security.
The DDS Security Standard disrupts this tradition by raising the abstraction level and providing an information-centric security model. This high-level information-centric security model is supported by a modular security framework that allows for pluggable authentication, crypto, access control and logging. Additionally, the security protocol provides support for efficient group communication while retaining important properties such as non-repudiation.
This presentation (1) introduces the recently finalized DDS Security standard, (2) explains in depth the DDS security model and the mechanisms that support-it, and (3) showcases how the DDS Security standard can be used to secure your systems.