Is Your Data Secure


Is Your Data Secure?
Odds are good that your data is extremely important to you. Now consider how one secures that data. Typical approaches address access, authentication, integrity, non-repudiation and confidentiality concerns at the domain and link layers, implicitly securing the data. The challenge and need is to move these security specifications to the data itself, and provide explicit security policies on each element of system-identified data.

Why is this level of finesse needed? As you build out your systems, and systems of systems, how do you manage security when individual elements of data, the communication links, and domain boundaries have different behaviors? With this level of complexity and risk, it's critical to have awareness at the level that matters – the data level – so you can make the right design and implementation decisions.

At this webinar, learn how to achieve an assured and predictable security footprint by minimizing the leak of information or exploitation of data through unintended consequences. Secure DDS offers data-centric configuration policies for content and behaviors. Recognizing that security isn't one-size-fits-all, a standards-based optional plugin SDK allows developers to create custom security plugins.

Connext Secure DDS is the world's first turnkey DDS security solution that conforms to the OMG specification and provides an essential security infrastructure that is data-focused for DDS and legacy systems.

Watch On-Demand: http://ecast.opensystemsmedia.com/478

Published in: Software, Technology

Is Your Data Secure

  1. Your systems. Working as one. Is Your Data Secure? June 24 – RTI Sponsored Webinar Gordon Hunt, gordon.hunt@rti.com
  2. Agenda • What is Data? • What is Security? • How to Bring it all Together? • Why does it Matter?
  3. What is Data? Data-At-Rest? • Where is it • Single view of the ‘answer’ • Heterogeneous views • How do I get to it • State is centralized Data-In-Motion? • How to send/share it • Shared view of the ‘answer’ • Homogeneous views • How we say it • State is distributed
  4. Example: Clinical Decision Support Systems [Diagram labels: Workstations, Storage, Historical; HL7/EMR Gateway, Enterprise, 3rd Party; Room; Devices; Care Area; Administration]
  5. Example: Where and What is the Data? [Diagram labels: Workstations, Storage, Historical; HL7/EMR Gateway, Enterprise, 3rd Party; Room; Care Area; Administration] Location: Room 247B Data: HomerSimpson
  6. Example: Blue Force Tracker Systems [Network diagram labels: TSG, JNN, Ku-Band, L-Band, VSAT, BFT1, EPLRS, Ground Stations, JCR NOC, JBCP NOC, DISA, ARMY, USMC]
  7. Messages and Routing versus Actionable Data • Message-Centric NOC Architecture – Point to Point – State is Implicit – Intermediate messages are not actionable • Data-Centric NOC Architecture – Observable databus – State is Explicit – Intermediate state is actionable [Architecture diagrams of the NOC; component labels omitted]
  8. Results of Making Data Actionable • Before I. Custom implementation for the Army II. Centralized, monolithic and tightly coupled III. Under development for 8 years IV. 500,000 SLoC V. Required 21 quad-core servers VI. Supported 10,000 sustained tracks VII. Suffered reliability and uptime challenges • After I. Standards based, COTS and Open Architecture II. De-centralized, modular and de-coupled III. PoC completed in 1 week, full system in 1 year IV. 50,000 SLoC V. Only requires a single core system VI. Supports 500,000 sustained tracks VII. Inherently supports full redundancy
  9. Where is the Data? • Point-to-point, sockets, RPC, RMI – Data and its state is in the applications – Each application maintains its view • Centralized, DB, ESBs – Data and its state is in the Database – Managed interactions with data and state • Decentralized, Data Centric – Data and its state is in the bus – Stateless clients/services – Data needs explicit properties to manage its behavior [Diagram labels: Broker, ESB, DBMS]
  10. Where is the Data? Centralized Analytics and Control • Limits scalability and performance – Capacity of individual links and switch ports – CPU and resource limits on servers • Diminished robustness – Tied to server maintenance and failures – Single point of “vulnerability” • Lessens capabilities and utility – Single centralized “brain” – No autonomy or Intelligence at the edge. • Brittle security. All intelligence is “in a box” [Diagram label: Centralized ESB, Database, or Message Broker]
  11. Where is the Data? Distributed Analytics & Control • Analyze orders of magnitude more data • Lower latency control for faster response • Highly resilient, no single point of failure • Fine-grained access control and security • More capable and flexible Intelligence at the edge [Diagram label: Decentralized, fully Distributed DDS DataBus]
  12. What is Security? • Authentication: – The bank knows who you are; you must show ID. • Access Control: – The bank only lets those on an access list into your box. • Confidentiality: – You are alone in the room. Nobody can see the contents of the box. • Integrity: – The box is sealed. If anybody touches it you will know. • Non repudiation: – You sign when you come in and out so you can’t claim that you weren’t there. • Availability: – The bank is always open.
  13. How to Implement Security? Security Related Infrastructure • Intrusion Detection and Actions • Malware Detection and Prevention • Secure Boot & Trusted Platforms • Secure Comms and Data Links • Key and Identity Mgmt. • Cryptologic Functions • … Very Domain specific – may need all of these e.g.
  14. Where is Security? Multiple Security Boundaries • Boundary Security • Transport-Level – Network (layer 3) security – Session (layer 4/5) security – Endpoint-based access • Fine-grained Data-Centric Security – Queue/table-based access – Decentralized or centralized? Ultimately you need to implement all of them
  15. How to Bring it all Together? The Interoperability Standard [Timeline: DDS Spec 2004; DDS Interoperability 2006; UML DDS Profile 2008; DDS for Lw CCM 2009; DDS X-Types 2010; DDS-STD-C++ and DDS-JAVA5 2012; Web-Enabled DDS 2013; DDS Security 2014; RPC over DDS 2014. Stack diagram: App / DDS Implementation / Network (TCP / UDP / IP / SharedMem / …)]
  16. Data Identity in the Global Data Space • Domain: – The world you are talking about • Topic: – A group of similar objects • Similar structure (“type”) • Similar way they change over time (“Quality of Service”) • Instance: – An individual object in the topic group of similar objects • Like the “key” fields in a database table • Domain Participant: – A connection to the Domain in order to source/observe observations • Data Writer: – The source of observations about a set of data objects (Topic) • Data Reader: – Observer of a set of data-objects • Sample: – An update of an instance [Diagram labels: Domain, Topic “A”, Topic “B”, Logical, Physical]
  17. Data Behavior in the Global Data Space • Aside from the actual data to be delivered, users often need to specify HOW to send it … … reliably (or “send and forget”) … how much data (all data, last 5 samples, every 2 secs) … how long before data is regarded as ‘stale’ and is discarded … how many publishers of the same data are allowed … how to ‘failover’ if an existing publisher stops sending data … how to detect “dead” applications … … • These options are controlled by formally-defined Quality of Service (QoS)
  18. DDS Quality of Service: Deadline; Reliability; History; Liveliness; Time Based Filter; Content Filtering; Durability; Ownership; Partition; Presentation; Lifespan; Destination Order; Resource Limits; Latency Budget; Flow Control; User, Group, Topic Data; Batching; Transports; Multi-Channel; Async Publisher
  19. Use Case: Streaming Data. Deadline; Reliability (optional); History; Liveliness; Time Based Filter; Content Filtering; Durability; Ownership; Partition; Presentation; Lifespan; Destination Order; Resource Limits; Latency Budget; Flow Control; User, Group, Topic Data; Batching (optional); Transports; Multi-Channel; Async Publisher
  20. Use Case: Alarms / Events. Deadline; Reliability; History; Liveliness; Time Based Filter; Content Filtering; Durability; Ownership; Partition; Presentation; Lifespan; Destination Order; Resource Limits; Latency Budget; Flow Control; User, Group, Topic Data; Batching; Transports; Multi-Channel; Async Publisher
  21. Use Case: Large Data. Deadline; Reliability; History; Liveliness; Time Based Filter; Content Filtering; Durability; Ownership; Partition; Presentation; Lifespan; Destination Order; Resource Limits; Latency Budget; Flow Control; User, Group, Topic Data; Batching; Transports; Multi-Channel; Async Publisher
  22. Use Case: Last Value Cache. Deadline; Reliability; History; Liveliness; Time Based Filter; Content Filtering; Durability; Ownership; Partition; Presentation; Lifespan; Destination Order; Resource Limits; Latency Budget; Flow Control; User, Group, Topic Data; Batching; Transports; Multi-Channel; Async Publisher
  23. Data Security in the Global Data Space • Access control per Topic – And all that that implies • Read versus-write permissions – But enable fully distributed enforcement • Source-specific permissions and tagging – Fine-grained specificity of policies [Diagram labels: Domain, Topics, Topic “A”, Topic “B”, Topic “C”]
  24. Data Security in the Global Data Space • Authentication: – The Domain knows who you are, you must show ID • Access Control: – Only those on the Topics’ access list are allowed (r/w) • Confidentiality: – Data payload and meta-data individually encrypted. • Integrity: – Data samples include destination specific signatures/MACs. • Non repudiation: – Specified behavior and associated quality of service for acknowledgements • Availability: – DDS managed and specified behavior, rich fault/failure management
  25. Data Security How is it Done? • Security Model – What to Protect • Security Plugin APIs – How/where to protect – Interchangeability of the plugins • DDS RTPS Wire Protocol – Data encapsulation and discovery interoperability • Default Builtin Plugins – Out-of-box implementation – Interoperable implementations [Diagram labels: OMG DDS Security Specification; RTI Connext™ DDS Implementation]
  26. Data Security Threats in the Global Data Space 1. Unauthorized subscription 2. Unauthorized publication 3. Tampering and replay 4. Unauthorized access to data by infrastructure services Alice: Allowed to publish topic ‘T’ Bob: Allowed to subscribe to topic ‘T’ Eve: Non-authorized eavesdropper Trudy: Intruder Mallory: Malicious insider Trent: Trusted infrastructure service [Diagram labels: Alice, Bob, Eve, Trudy, Trent, Mallory]
  27. Data Security Using Secure DDS (per OMG spec) • Start with a Domain Configuration – Signed document that sets policies for the Domain • Specifies – What Topics are discovered using Secure Discovery – Encrypt or Sign for Secure Discovery – What Topics have controlled access – Encrypt or Sign for each secure Topic • User data and payload • Metadata and routing information – What to do with unauthenticated access requests
  28. Data Security Using Secure DDS per OMG specification • For each Participant – It's an identified point of access – Enables fully distributed authentication – Enables local access enforcement • Specifies – What Domain IDs it can join – What Topics it can read/write – What Topics it can relay – What Partitions it can join – What Tags are associated with the Readers and Writers
  29. What’s Happening Inside DDS? Create Domain Participant Authenticate DP? Create Endpoints Discover remote Endpoints Send/Receive data Discover remote DP Authenticate DP? Yes Domain Participant Create Fails No Access OK? Endpoint Create Fails No Authenticate Remote DP? Ignore Remote DP No Yes Access OK? Ignore remote endpoint Message security DP = Domain Participant Endpoint = Reader / Writer No
  30. What’s Happening on the Wire? • RTPS Protocol Supports – Rigorous identity, source and destination indication – Sequence numbers for state recreation – Content awareness for efficient delivery – Timestamps for data and state integrity – Efficient use of transports – Proxy & routing support – Reliability & synchronization handshaking … encode_serialized_data() encode_datawriter_submessage() encode_datareader_submessage() encode_rtps_message() …
  31. Why does it Matter? Connext DDS Secure Benefits • Decentralized – High performance – No single point of failure • Runs over any transport – Including low bandwidth, unreliable – Multicast for scalability, low latency • Select encryption or message authentication – Only encrypt private data – Up to 100x faster • Customizable plugin architecture • Data Distribution Service (DDS) compliant • Works with unmodified existing apps [Diagram labels: Application; Connext DDS library; Authentication, Access Control, Encryption, Data Tagging, Logging; Any Transport (e.g., TCP, UDP, multicast, shared memory)]
  32. Why does it Matter? RTI and PNNL Grid Security Retrofit [Diagram labels: Control Station, DNP3 Master Device; Transmission Substation, DNP3 Slave Device; RTI Routing Service Gateway; RTI Routing Service ComProcessor; IP Router; DDS LAN; DNP3 over RS232/485; DNP3 over Ethernet; DNP3 over DDS; DDS over WAN; DDS over UDP/WAN; Effective DNP3 connection] Details at http://blogs.rti.com
  33. Why does it Matter? RTI and PNNL Grid Security Retrofit [Diagram labels: Control Station, DNP3 Master Device; Transmission Substation, DNP3 Slave Device; RTI Routing Service Gateway; RTI Routing Service ComProcessor; IP Router; DNP3 over RS232/485; DNP3 over Ethernet; DNP3 over DDS; DDS over WAN; Secure DDS over UDP; Effective DNP3 connection] Details at http://blogs.rti.com
  34. Why does it Matter? RTI and PNNL Grid Security Retrofit [Diagram labels: Control Station, DNP3 Master Device; Transmission Substation, DNP3 Slave Device; RTI Routing Service Gateway; RTI Routing Service ComProcessor; IP Router; DNP3 over RS232/485; DNP3 over Ethernet; DNP3 over DDS; DDS over WAN; Secure DDS over UDP; Attack Detector; Display; Scada Converter; Anomaly Detector; Effective DNP3 connection] Details at http://blogs.rti.com
  35. Why does it Matter? Secure, flexible, scalable, and performant system integration. • Decoupled access to data via the Global Data Space – This does not mean loss of access control to the information and data – It means that the Data Space must have an associated security model • DDS can use standard PKI and cryptographic techniques to enforce the security policies • DDS can use domain-specific system technologies and capabilities to address security The key is to use a data-centric security model
  36. RTI Connext™: A Next Generation Infrastructure [Product diagram labels: DDS Secure; Connext DDS Professional; Connext DDS Micro; Connext DDS Cert; DDS-RTPS Wire Interoperability Protocol; DDS & JMS Libraries; Routing Service; Database Integration; Administration; Monitoring; Microsoft Excel; Recording; Replay; Wireshark; Persistence; Logging; Prototyper; General Purpose Real-Time Apps; Remote Apps; Disparate Apps; Adapter; RDBMS; Small Footprint Apps; Safety critical Applications]
  37. Next Steps & Questions • Evaluation Available Today • Contact – info@rti.com Or your local Account Manager www.rti.com community.rti.com www.facebook.com/RTIsoftware www.slideshare.net/RealTimeInnovations www.twitter.com/RealTimeInnov blogs.rti.com www.youtube.com/realtimeinnovations www.omg.org dds.omg.org
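
The decision flow on slide 29, driven by the Domain Configuration and per-Participant permissions of slides 27 and 28 and the cast of slide 26, can be modelled in a few lines. This is an added example, not RTI's or the OMG specification's API: every class and function name is hypothetical, the authentication verdict is taken as given, and it assumes that an unauthenticated peer, where the Domain allows one at all, can only use topics without controlled access.

```python
from dataclasses import dataclass
from fnmatch import fnmatchcase

class SecurityError(Exception): pass   # a "... Create Fails" box in the flowchart

@dataclass(frozen=True)
class DomainConfig:                    # stand-in for the signed Domain Configuration
    domain_id: int
    controlled_topics: frozenset       # topics that have controlled access
    allow_unauthenticated: bool = False

@dataclass(frozen=True)
class Permissions:                     # stand-in for one Participant's permissions
    domains: frozenset                 # Domain IDs it can join
    read: tuple = ()                   # topic patterns it can read
    write: tuple = ()                  # topic patterns it can write

@dataclass(frozen=True)
class Participant:
    name: str
    authenticated: bool                # Authentication plugin verdict, taken as given
    perms: "Permissions | None" = None

def may_join(cfg, dp):
    return dp.authenticated and dp.perms is not None and cfg.domain_id in dp.perms.domains

def access_ok(cfg, dp, topic, action):
    if topic not in cfg.controlled_topics:
        return True                    # topic is not under access control
    if not may_join(cfg, dp):
        return False
    patterns = dp.perms.write if action == "write" else dp.perms.read
    return any(fnmatchcase(topic, pat) for pat in patterns)

def create_participant(cfg, dp):
    if not may_join(cfg, dp):
        raise SecurityError("Domain Participant create fails")
    return dp

def create_endpoint(cfg, dp, topic, action):
    if not access_ok(cfg, dp, topic, action):
        raise SecurityError("Endpoint create fails")
    return (dp.name, topic, action)

def on_remote_endpoint(cfg, remote, topic, action):
    # Every participant runs this check itself on what discovery reports.
    if not remote.authenticated and not cfg.allow_unauthenticated:
        return "ignore remote DP"
    if not access_ok(cfg, remote, topic, action):
        return "ignore remote endpoint"
    return "match"

CFG = DomainConfig(0, frozenset({"T"}))          # constructed sample: topic T is protected
ALICE = Participant("Alice", True, Permissions(frozenset({0}), write=("T",)))
BOB = Participant("Bob", True, Permissions(frozenset({0}), read=("T",)))
EVE = Participant("Eve", False)                  # no valid identity
MALLORY = Participant("Mallory", True, Permissions(frozenset({0}), read=("T",)))

def demo():
    # Alice creates her writer; each discovered peer is then judged locally.
    writer = create_endpoint(CFG, create_participant(CFG, ALICE), "T", "write")
    peers = [(BOB, "read"), (EVE, "read"), (MALLORY, "write")]  # Mallory tries to publish
    return writer, {dp.name: on_remote_endpoint(CFG, dp, "T", a) for dp, a in peers}

if __name__ == "__main__":
    print(demo())
```

Because the remote-endpoint check is repeated by every peer, Mallory's writer on topic T is ignored by the others even if her own endpoint-creation check were bypassed, which is the point of the "fully distributed enforcement" on slide 23.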
