SlideShare a Scribd company logo

DDS-Security Interoperability Demo - March 2018

Gerardo Pardo-Castellote
Gerardo Pardo-Castellote

The document describes a demonstration of interoperability between 5 vendor DDS security implementations using a shapes demo application. The demo consists of 6 scenarios that illustrate different aspects of DDS security configuration and functionality, including controlling access to the domain, enabling open access to selected topics, comparing data integrity vs encryption, protecting metadata, securing discovery, and fine-grained access control at the topic level. Each scenario varies the security governance and permission files to achieve the desired access control configuration.

Software
1 of 16
Download to read offline
3/19/2018 Copyright © 2018 OMG. All rights reserved. 1 DDS Security Interoperability Demo DDS™ – The Proven Data Connec9vity Standard for IIoT™ dds/2018-03-01 Reston, March 2018
DDS Security Demo — Overview 12/06/17 2 •  5 Vendor Products: •  CoreDX DDS from Twin Oaks CompuQng •  Connext DDS from Real Time InnovaQons (RTI) •  InterComm DDS from Kongsberg •  Vortex Cafe DDS from ADLink •  OpenDDS from Object CompuQng Inc (OCI) •  Using Shapes demo soware: •  Familiar from previous interoperability demos •  DemonstraQng granular configurability of DDS Security protocols •  Each ParQcipant has its own permissions – what exactly it can publish / subscribe •  Each Topic has its own configuraQon – encrypted, signed, clear, encrypted discovery
DDS Security Demo — Topics 12/06/17 3 Square Topic -  Secure Discovery -  Encrypted Data -  AuthenQcated Metadata -  Protected Access: AuthenQcated ParQcipants must have permissions to publish and/or subscribe Circle Topic -  Secure Discovery -  AuthenQcated Data -  AuthenQcated Metadata -  Protected Access: ParQcipants must have permissions to publish and/or subscribe Triangle Topic -  Open Discovery -  Open Data -  Open Access: Any parQcipant may publish and/or subscribe
DDS Security Configura9on Permissions IdenQty Governance Permissions IdenQty Permissions IdenQty PrivateKey PrivateKey PrivateKey Identity CA Permissions CA Permissions IdenQty PrivateKey
DDS Security Demo — Publishing 12/06/17 5 Permissions -  ALLOW Write Square -  DENY Write Circle Permissions -  ALLOW Write Circle -  DENY Write Triangle Permissions -  ALLOW Write Triangle -  DENY Write Square Permissions -  ALLOW Write Triangle -  DENY Write Circle
DDS Security Demo — Subscribing 6 Permissions Permissions Permissions Permissions
•  The demo consists of the following scenarios: •  Interoperability Without Security Enabled (SC#0) •  Controlled Access to Domain (SC#1) •  Enabling Open Access to Selected Topics (SC#2) •  Data Integrity versus Encryp9on (SC#3) •  Metadata protecQon (SC#4) •  Secure Discovery (SC#5) •  Topic Level Access Control (SC#6) Demo 12/06/17 Copyright © 2017 OMG. All rights reserved. 7
•  Objec9ve: DDS Security is an extension of DDS —sQll possible to run applicaQons without any protecQon. •  Governance File: Specifies domain 0 as an “open domain”. Governance_SC0_SecurityDisabled.xml •  Permission Files: None are needed for this scenario. Permissions_JoinDomain_<VENDOR>.xml •  Applica9ons: Regular and Secured and Shapes Demo SC#0: Interoperability Without Security Copyright © 2017 OMG. All rights reserved. 8 Subscribing to “Square” Expected Result All (Secure) RTI, TwinOaks, Kongsberg Receives All: Square: BLUE, GREEN, MAGENTA , RED, ORANGE All (Not Secure) RTI, TwinOaks, Kongsberg Receives All: Square: BLUE, GREEN, MAGENTA, RED, ORANGE 12/06/17 Publishing RTI SecureShapes BLUE Square TwinOaks SecureShapes GREEN Square Kongsberg SecureShapes MAGENTA Square ADLink RegularShapes RED Square OCI RegularShapes ORANGE Square OFF OFF OFF OFF OFF
•  Objec9ve: DDS Security can be used to protect access to a DDS Domain. Only applicaQons that can authenQcate and have the proper permissions can join the Domain. •  Governance File: Specifies domain 0 as a "protected domain." Governance_SC1_ProtectedDomain1.xml •  Permission Files: Each vendor has its own permissions file. Permissions_JoinDomain_<VENDOR>.xml. •  Applica9ons: Regular and Secured and Shapes Demo SC#1: Controlled Access to Domain Copyright © 2017 OMG. All rights reserved. 9 Subscribing to “Square” Expected Result All (Secure) RTI, TwinOaks, Kongsberg, ADLink Receives only from Secure: Square: BLUE, GREEN, MAGENTA , RED All (Not Secure) RTI, TwinOaks, Kongsberg, OCI, ADLink Receives only from Non-Secure Square: ORANGE 12/06/17 Publishing RTI BLUE Square TwinOaks GREEN Square Kongsberg MAGENTA Square ADLink RED Square OCI ORANGE Square
Subscribing “Square”, “Circle”, “Triangle” Expected Result Receives: RTI (Secure) Read Perm: Circle + Triangle Square: none Circle: GREEN, RED Triangle: BLUE, GREEN, MAGENTA , RED, ORANGE Twin Oaks (Secure) Read Perm: Square + Triangle Square: BLUE, MAGENTA Circle: none Triangle: BLUE, GREEN, MAGENTA, RED, ORANGE Kongsberg (Secure) Read Perm: Square + Circle Square: BLUE, MAGENTA Circle: GREEN, RED Triangle: BLUE, GREEN, MAGENTA, RED, ORANGE ADLink (Secure) Read Perm: Square + Circle Square: BLUE, MAGENTA , Circle: GREEN, RED Triangle: BLUE, GREEN, MAGENTA , RED, ORANGE OCI (Not Secure) Square: ORANGE, Circle: ORANGE Triangle: BLUE, GREEN, MAGENTA, RED, ORANGE •  Objec9ve: Illustrates it is possible to allow access to certain Topics by unsecured applicaQons (e.g, for legacy applicaQons not running DDS Security). •  Governance File: Governance_SC2_ProtectedDomain2.xml •  Allows unauthenQcated parQcipants to join domain 0 •  Square and Circle: • Protected for read/write access • Encrypt/sign metadata • Use secure discovery •  Triangle • Unprotected for read/write access (open to all) • No encrypt/sign • Use regular (unsecured) discovery • Permission Files: Each vendor has its own permissions file. Permissions_TopicLevel_<VENDOR>.xml. • Applica9ons: Regular and Secure and Shapes Demo SC#2: Open Access to Selected Topics Publishing RTI Write Perm: Squares BLUE Square BLUE Circle BLUE Triangle TwinOaks Write Perm: Circle GREEN Square GREEN Circle GREEN Triangle Kongsberg Write Perm: Square MAGENTA Square MAGENTA Circle MAGENTA Triangle ADLink Write Perm: Circle RED Square RED Circle RED Triangle OCI ORANGE Square ORANGE Circle ORANGE Triangle
•  Objec9ve: Illustrate different kinds of data protecQon. •  Encrypted (EN+SG)—(Encrypt and Sign) protected •  Signed data (SG)—vulnerable to snooping but not tampering •  Open data (OD)—vulnerable to tampering •  Governance File: Specifies domain 0 as a "protected domain” Governance_SC3_ProtectedDomain3.xml •  Squares shall be encrypted •  Circles shall be signed •  Triangles are unprotected •  Permission Files: Each vendor has its own permissions file. Permissions_JoinDomain_<VENDOR>.xml. •  Applica9ons: Secured Shapes Demo + Wireshark SC#3: Data Integrity versus Encryp9on Subscribing: Square + Circle + Triangle Expected Result All (Secure) RTI, TwinOaks, Kongsberg, ADLink Square: BLUE, GREEN, MAGENTA, RED Circle: BLUE, GREEN, MAGENTA, RED Triangle: BLUE, GREEN, MAGENTA, RED, ORANGE All (Not Secure) RTI, TwinOaks, Kongsberg, OCI, ADLink Square: Circle: Triangle: BLUE, GREEN, MAGENTA, RED, ORANGE Wireshark Can see Triangle data in the clear Can see Circle data, but it is signed (or OD from OCI) Cannot see Square data—it is encrypted Publishing RTI BLUE Square (EN + SG) ‘#’ BLUE Circle (SG) ‘$’ BLUE Triangle (OD) ‘%’ TwinOaks GREEN Square (EN + SG) ‘#’ GREEN Circle (SG) ‘$’ GREEN Triangle (OD) ‘%’ Kongsberg MAGENTA Square (EN + SG) ‘#’ MAGENTA Circle (SG) ‘$’ MAGENTA Triangle (OD) ‘%‘ ADLink GREEN Square (EN + SG) ‘#’ GREEN Circle (SG) ‘$’ RED Triangle (OD) ‘%’ OCI (not secure) ORANGE Triangle ‘%’ ShapeSizes: Square -> 35 ‘#’ Circle -> 36 ‘$’ Triangle -> 37 ‘%’
•  Objec9ve: Illustrate concept of protecQng metadata. •  Encrypted (EN+SG)—Encrypt and Signed metadata protected •  Signed metadata (SG)—vulnerable to snooping but not tampering •  Open metadata (OD)—vulnerable to tampering •  Governance File: Specifies domain 0 as a "protected domain" Governance_SC4_ProtectedDomain4.xml •  Square metadata shall be encrypted •  Circle metadata shall be signed, •  Triangle metadata is unprotected •  Payload is le open for all topics for illustraQon •  Permission Files: Each vendor has its own permissions file. Permissions_JoinDomain_<VENDOR>.xml. SC#4: Metadata Protec9on Publishing RTI BLUE Square (EN + SG) ‘#’ BLUE Circle (SG) ‘$’ BLUE Triangle (OD) ‘%’ TwinOaks GREEN Square (EN + SG) ‘#’ GREEN Circle (SG) ‘$’ GREEN Triangle (OD) ‘%’ Kongsberg MAGENTA Square (EN+SG) ‘#’ MAGENTA Circle (SG) ‘$’ MAGENTA Triangle (OD) ‘%‘ ADLink RED Square (EN + SG) ‘#’ RED Circle (SG) ‘$’ RED Triangle (OD) ‘%‘ OCI (not secure) ORANGE Triangle ‘%’ Subscribing Expected Result All (Secure) RTI, TwinOaks, Kongsberg, ADLink Square: BLUE, GREEN, MAGENTA, RED Circle: BLUE, GREEN, MAGENTA, RED Triangle: BLUE, GREEN, MAGENTA, RED, ORANGE All (Not Secure) RTI, TwinOaks, Kongsberg, ADLink, OCI Square: Circle: Triangle: BLUE, GREEN, MAGENTA, RED, ORANGE Wireshark Can see Triangle metadata & data Can see Circle metadata, but it is signed Cannot see Square metadata—it is encrypted Also peek at Discovery – It is all clear ShapeSizes: Square -> 35 ‘#’ Circle -> 36 ‘$’ Triangle -> 37 ‘%’
•  Objec9ve: Illustrates that discovery informaQon also be protected. •  Governance File: Specifies domain 0 as a "protected domain." Governance_SC5_ProtectedDomain5.xml •  Topic Triangle data and metadata are neither encrypted nor signed—sent over regular discovery •  Topic Circle data and metadata are signed, but not encrypted—sent over secure discovery •  Topic Square data and metadata are encrypted and signed—sent over secure discovery • Permission Files: Each vendor has its own permissions file. Permissions_JoinDomain_<VENDOR>.xml. • Applica9ons: Secure Shapes Demo SC#5: Secure Discovery Publishing RTI BLUE Square (EN + SG) BLUE Circle (SG) BLUE Triangle (OD) TwinOaks GREEN Square (EN + SG) GREEN Circle (SG) GREEN Triangle (OD) Kongsberg MAGENTA Square (EN+SG) MAGENTA Circle (SG) MAGENTA Triangle (OD) ADLink RED Square (EN + SG) RED Circle (SG) RED Triangle (OD) OCI ORANGE Triangle (OD) Subscribing Square + Circle + Triangle Expected Result All (Secure) RTI, TwinOaks, Kongsberg Square: BLUE, GREEN, MAGENTA, RED Circle: BLUE, GREEN, MAGENTA, RED Triangle: BLUE, GREEN, MAGENTA , RED, ORANGE All (Not Secure) RTI, TwinOaks, Kongsberg, OCI, ADLink Square: Circle: Triangle: BLUE, GREEN, MAGENTA, RED, ORANGE Wireshark Can see Triangle discovery in the clear Cannot see Circle discovery Cannot see Square discovery
Subscribing Expected Result RTI Read Perm: Circle + Triangle Subscribes: Square, Circle, Triangle Receives: Square: none Circle: GREEN, RED Triangle: none Twin Oaks Read Perm: Square+Triangle Subscribes: Square, Circle, Triangle Receives: Square: BLUE, MAGENTA Circle: none Triangle: none Kongsberg Read Perm: Square + Circle Subscribes: Square, Circle, Triangle Receives: Square: BLUE Circle: GREEN, RED Triangle: none ADLink Read Perm: Square + Circle Subscribes: Square, Circle, Triangle Receives: Square: BLUE, MAGENTA Circle: GREEN, RED Triangle: none OCI (Not Secure) Triangle: ORANGE •  Objec9ve: Illustrates fine-grain access control at the Topic level. •  Governance File: Specifies domain 0 as a "protected domain." Indicates that Square •  All topics are protected for read/write access. •  All topics are sent over secure discovery •  All topics encrypt and sign metadata •  Governance_SC6_ProtectedDomain6.xml • Permission Files: Each vendor has its own permissions file. Permissions_TopicLevel_<VENDOR>.xml. • Applica9ons: Secure Shapes Demo SC#6: Topic-Level Access Control 12/06/17 Publishing RTI Write Perm: Squares BLUE Square BLUE Circle BLUE Triangle TwinOaks Write Perm: Circle GREEN Square GREEN Circle GREEN Triangle Kongsberg Write Perm: Square MAGENTA Square MAGENTA Circle MAGENTA Triangle ADLink Write Perm: Circle RED Square RED Circle RED Triangle OCI (Not Secure) ORANGE Triangle
●  Standard & Interoperable ●  Scalable: Supports mulQcast ●  Fine-grain: Control at the Topic-level ●  Flexible: Build your own plugins ●  Generic: Works over any Transport ●  Transparent: No changes to ApplicaQon Code! More powerful that other secure middleware technologies 15
Ques9ons?

Recommended

Overview of the DDS-XRCE specification
Overview of the DDS-XRCE specificationOverview of the DDS-XRCE specification
Overview of the DDS-XRCE specification
Gerardo Pardo-Castellote
 
Deep Dive into the OPC UA / DDS Gateway Specification
Deep Dive into the OPC UA / DDS Gateway SpecificationDeep Dive into the OPC UA / DDS Gateway Specification
Deep Dive into the OPC UA / DDS Gateway Specification
Gerardo Pardo-Castellote
 
DDS-XRCE (Extremely Resource Constrained Environments)
DDS-XRCE (Extremely Resource Constrained Environments)DDS-XRCE (Extremely Resource Constrained Environments)
DDS-XRCE (Extremely Resource Constrained Environments)
Gerardo Pardo-Castellote
 
Connected Mobile and Web Applications with Vortex
Connected Mobile and Web Applications with VortexConnected Mobile and Web Applications with Vortex
Connected Mobile and Web Applications with Vortex
Angelo Corsaro
 
The DDS Security Standard
The DDS Security StandardThe DDS Security Standard
The DDS Security Standard
Angelo Corsaro
 
DDS and OPC UA Explained
DDS and OPC UA ExplainedDDS and OPC UA Explained
DDS and OPC UA Explained
Angelo Corsaro
 
Vortex: The Intelligent Data Sharing Platform for the Internet of Things
Vortex: The Intelligent Data Sharing Platform for the Internet of ThingsVortex: The Intelligent Data Sharing Platform for the Internet of Things
Vortex: The Intelligent Data Sharing Platform for the Internet of Things
Angelo Corsaro
 
DDS-XRCE - Revised Submission Presentation (September 2017)
DDS-XRCE - Revised Submission Presentation (September 2017)DDS-XRCE - Revised Submission Presentation (September 2017)
DDS-XRCE - Revised Submission Presentation (September 2017)
Gerardo Pardo-Castellote
 

Recommended

Overview of the DDS-XRCE specification
Overview of the DDS-XRCE specificationOverview of the DDS-XRCE specification
Overview of the DDS-XRCE specification
Gerardo Pardo-Castellote
 
Deep Dive into the OPC UA / DDS Gateway Specification
Deep Dive into the OPC UA / DDS Gateway SpecificationDeep Dive into the OPC UA / DDS Gateway Specification
Deep Dive into the OPC UA / DDS Gateway Specification
Gerardo Pardo-Castellote
 
DDS-XRCE (Extremely Resource Constrained Environments)
DDS-XRCE (Extremely Resource Constrained Environments)DDS-XRCE (Extremely Resource Constrained Environments)
DDS-XRCE (Extremely Resource Constrained Environments)
Gerardo Pardo-Castellote
 
Connected Mobile and Web Applications with Vortex
Connected Mobile and Web Applications with VortexConnected Mobile and Web Applications with Vortex
Connected Mobile and Web Applications with Vortex
Angelo Corsaro
 
The DDS Security Standard
The DDS Security StandardThe DDS Security Standard
The DDS Security Standard
Angelo Corsaro
 
DDS and OPC UA Explained
DDS and OPC UA ExplainedDDS and OPC UA Explained
DDS and OPC UA Explained
Angelo Corsaro
 
Vortex: The Intelligent Data Sharing Platform for the Internet of Things
Vortex: The Intelligent Data Sharing Platform for the Internet of ThingsVortex: The Intelligent Data Sharing Platform for the Internet of Things
Vortex: The Intelligent Data Sharing Platform for the Internet of Things
Angelo Corsaro
 
DDS-XRCE - Revised Submission Presentation (September 2017)
DDS-XRCE - Revised Submission Presentation (September 2017)DDS-XRCE - Revised Submission Presentation (September 2017)
DDS-XRCE - Revised Submission Presentation (September 2017)
Gerardo Pardo-Castellote
 
DDS-TSN OMG Request for Proposals (RFP)
DDS-TSN OMG Request for Proposals (RFP)DDS-TSN OMG Request for Proposals (RFP)
DDS-TSN OMG Request for Proposals (RFP)
Gerardo Pardo-Castellote
 
Desktop, Embedded and Mobile Apps with Vortex Café
Desktop, Embedded and Mobile Apps with Vortex CaféDesktop, Embedded and Mobile Apps with Vortex Café
Desktop, Embedded and Mobile Apps with Vortex Café
Angelo Corsaro
 
Building Real-Time Web Applications with Vortex-Web
Building Real-Time Web Applications with Vortex-WebBuilding Real-Time Web Applications with Vortex-Web
Building Real-Time Web Applications with Vortex-Web
Angelo Corsaro
 
Architecting IoT Systems with Vortex
Architecting IoT Systems with VortexArchitecting IoT Systems with Vortex
Architecting IoT Systems with Vortex
Angelo Corsaro
 
Reactive Data Centric Architectures with DDS
Reactive Data Centric Architectures with DDSReactive Data Centric Architectures with DDS
Reactive Data Centric Architectures with DDS
Angelo Corsaro
 
Building and Scaling Internet of Things Applications with Vortex Cloud
Building and Scaling Internet of Things Applications with Vortex CloudBuilding and Scaling Internet of Things Applications with Vortex Cloud
Building and Scaling Internet of Things Applications with Vortex Cloud
Angelo Corsaro
 
Building Reactive Applications with DDS
Building Reactive Applications with DDSBuilding Reactive Applications with DDS
Building Reactive Applications with DDS
Angelo Corsaro
 
DDS In Action Part II
DDS In Action Part IIDDS In Action Part II
DDS In Action Part II
Angelo Corsaro
 
Micro services Architecture with Vortex -- Part I
Micro services Architecture with Vortex -- Part IMicro services Architecture with Vortex -- Part I
Micro services Architecture with Vortex -- Part I
Angelo Corsaro
 
DDS: The IoT Data Sharing Standard
DDS: The IoT Data Sharing StandardDDS: The IoT Data Sharing Standard
DDS: The IoT Data Sharing Standard
Angelo Corsaro
 
The DDS Tutorial - Part I
The DDS Tutorial - Part IThe DDS Tutorial - Part I
The DDS Tutorial - Part I
Angelo Corsaro
 
Open splice dds security
Open splice dds securityOpen splice dds security
Open splice dds security
Ramzi Karoui
 
OpenSplice DDS Tutorial -- Part II
OpenSplice DDS Tutorial -- Part IIOpenSplice DDS Tutorial -- Part II
OpenSplice DDS Tutorial -- Part II
Angelo Corsaro
 
OpenSplice Security Module
OpenSplice Security ModuleOpenSplice Security Module
OpenSplice Security Module
Angelo Corsaro
 
The Data Distribution Service
The Data Distribution ServiceThe Data Distribution Service
The Data Distribution Service
Angelo Corsaro
 
DDS Web Enabled
DDS Web EnabledDDS Web Enabled
DDS Web Enabled
Real-Time Innovations (RTI)
 
The DDS Tutorial Part II
The DDS Tutorial Part IIThe DDS Tutorial Part II
The DDS Tutorial Part II
Angelo Corsaro
 
Advanced OpenSplice Programming - Part II
Advanced OpenSplice Programming - Part IIAdvanced OpenSplice Programming - Part II
Advanced OpenSplice Programming - Part II
Angelo Corsaro
 
The Data Distribution Service Tutorial
The Data Distribution Service TutorialThe Data Distribution Service Tutorial
The Data Distribution Service Tutorial
Angelo Corsaro
 
Building IoT Applications with Vortex and the Intel Edison Starter Kit
Building IoT Applications with Vortex and the Intel Edison Starter KitBuilding IoT Applications with Vortex and the Intel Edison Starter Kit
Building IoT Applications with Vortex and the Intel Edison Starter Kit
Angelo Corsaro
 
DDS-Security Interoperability Demo - December 2017
DDS-Security Interoperability Demo - December 2017DDS-Security Interoperability Demo - December 2017
DDS-Security Interoperability Demo - December 2017
Gerardo Pardo-Castellote
 
Encrypted Databases for Untrusted Cloud
Encrypted Databases for Untrusted CloudEncrypted Databases for Untrusted Cloud
Encrypted Databases for Untrusted Cloud
n|u - The Open Security Community
 

More Related Content

What's hot

DDS-TSN OMG Request for Proposals (RFP)
DDS-TSN OMG Request for Proposals (RFP)DDS-TSN OMG Request for Proposals (RFP)
DDS-TSN OMG Request for Proposals (RFP)
Gerardo Pardo-Castellote
 
Desktop, Embedded and Mobile Apps with Vortex Café
Desktop, Embedded and Mobile Apps with Vortex CaféDesktop, Embedded and Mobile Apps with Vortex Café
Desktop, Embedded and Mobile Apps with Vortex Café
Angelo Corsaro
 
Building Real-Time Web Applications with Vortex-Web
Building Real-Time Web Applications with Vortex-WebBuilding Real-Time Web Applications with Vortex-Web
Building Real-Time Web Applications with Vortex-Web
Angelo Corsaro
 
Architecting IoT Systems with Vortex
Architecting IoT Systems with VortexArchitecting IoT Systems with Vortex
Architecting IoT Systems with Vortex
Angelo Corsaro
 
Reactive Data Centric Architectures with DDS
Reactive Data Centric Architectures with DDSReactive Data Centric Architectures with DDS
Reactive Data Centric Architectures with DDS
Angelo Corsaro
 
Building and Scaling Internet of Things Applications with Vortex Cloud
Building and Scaling Internet of Things Applications with Vortex CloudBuilding and Scaling Internet of Things Applications with Vortex Cloud
Building and Scaling Internet of Things Applications with Vortex Cloud
Angelo Corsaro
 
Building Reactive Applications with DDS
Building Reactive Applications with DDSBuilding Reactive Applications with DDS
Building Reactive Applications with DDS
Angelo Corsaro
 
DDS In Action Part II
DDS In Action Part IIDDS In Action Part II
DDS In Action Part II
Angelo Corsaro
 
Micro services Architecture with Vortex -- Part I
Micro services Architecture with Vortex -- Part IMicro services Architecture with Vortex -- Part I
Micro services Architecture with Vortex -- Part I
Angelo Corsaro
 
DDS: The IoT Data Sharing Standard
DDS: The IoT Data Sharing StandardDDS: The IoT Data Sharing Standard
DDS: The IoT Data Sharing Standard
Angelo Corsaro
 
The DDS Tutorial - Part I
The DDS Tutorial - Part IThe DDS Tutorial - Part I
The DDS Tutorial - Part I
Angelo Corsaro
 
Open splice dds security
Open splice dds securityOpen splice dds security
Open splice dds security
Ramzi Karoui
 
OpenSplice DDS Tutorial -- Part II
OpenSplice DDS Tutorial -- Part IIOpenSplice DDS Tutorial -- Part II
OpenSplice DDS Tutorial -- Part II
Angelo Corsaro
 
OpenSplice Security Module
OpenSplice Security ModuleOpenSplice Security Module
OpenSplice Security Module
Angelo Corsaro
 
The Data Distribution Service
The Data Distribution ServiceThe Data Distribution Service
The Data Distribution Service
Angelo Corsaro
 
DDS Web Enabled
DDS Web EnabledDDS Web Enabled
DDS Web Enabled
Real-Time Innovations (RTI)
 
The DDS Tutorial Part II
The DDS Tutorial Part IIThe DDS Tutorial Part II
The DDS Tutorial Part II
Angelo Corsaro
 
Advanced OpenSplice Programming - Part II
Advanced OpenSplice Programming - Part IIAdvanced OpenSplice Programming - Part II
Advanced OpenSplice Programming - Part II
Angelo Corsaro
 
The Data Distribution Service Tutorial
The Data Distribution Service TutorialThe Data Distribution Service Tutorial
The Data Distribution Service Tutorial
Angelo Corsaro
 
Building IoT Applications with Vortex and the Intel Edison Starter Kit
Building IoT Applications with Vortex and the Intel Edison Starter KitBuilding IoT Applications with Vortex and the Intel Edison Starter Kit
Building IoT Applications with Vortex and the Intel Edison Starter Kit
Angelo Corsaro
 

What's hot (20)

DDS-TSN OMG Request for Proposals (RFP)
DDS-TSN OMG Request for Proposals (RFP)DDS-TSN OMG Request for Proposals (RFP)
DDS-TSN OMG Request for Proposals (RFP)
 
Desktop, Embedded and Mobile Apps with Vortex Café
Desktop, Embedded and Mobile Apps with Vortex CaféDesktop, Embedded and Mobile Apps with Vortex Café
Desktop, Embedded and Mobile Apps with Vortex Café
 
Building Real-Time Web Applications with Vortex-Web
Building Real-Time Web Applications with Vortex-WebBuilding Real-Time Web Applications with Vortex-Web
Building Real-Time Web Applications with Vortex-Web
 
Architecting IoT Systems with Vortex
Architecting IoT Systems with VortexArchitecting IoT Systems with Vortex
Architecting IoT Systems with Vortex
 
Reactive Data Centric Architectures with DDS
Reactive Data Centric Architectures with DDSReactive Data Centric Architectures with DDS
Reactive Data Centric Architectures with DDS
 
Building and Scaling Internet of Things Applications with Vortex Cloud
Building and Scaling Internet of Things Applications with Vortex CloudBuilding and Scaling Internet of Things Applications with Vortex Cloud
Building and Scaling Internet of Things Applications with Vortex Cloud
 
Building Reactive Applications with DDS
Building Reactive Applications with DDSBuilding Reactive Applications with DDS
Building Reactive Applications with DDS
 
DDS In Action Part II
DDS In Action Part IIDDS In Action Part II
DDS In Action Part II
 
Micro services Architecture with Vortex -- Part I
Micro services Architecture with Vortex -- Part IMicro services Architecture with Vortex -- Part I
Micro services Architecture with Vortex -- Part I
 
DDS: The IoT Data Sharing Standard
DDS: The IoT Data Sharing StandardDDS: The IoT Data Sharing Standard
DDS: The IoT Data Sharing Standard
 
The DDS Tutorial - Part I
The DDS Tutorial - Part IThe DDS Tutorial - Part I
The DDS Tutorial - Part I
 
Open splice dds security
Open splice dds securityOpen splice dds security
Open splice dds security
 
OpenSplice DDS Tutorial -- Part II
OpenSplice DDS Tutorial -- Part IIOpenSplice DDS Tutorial -- Part II
OpenSplice DDS Tutorial -- Part II
 
OpenSplice Security Module
OpenSplice Security ModuleOpenSplice Security Module
OpenSplice Security Module
 
The Data Distribution Service
The Data Distribution ServiceThe Data Distribution Service
The Data Distribution Service
 
DDS Web Enabled
DDS Web EnabledDDS Web Enabled
DDS Web Enabled
 
The DDS Tutorial Part II
The DDS Tutorial Part IIThe DDS Tutorial Part II
The DDS Tutorial Part II
 
Advanced OpenSplice Programming - Part II
Advanced OpenSplice Programming - Part IIAdvanced OpenSplice Programming - Part II
Advanced OpenSplice Programming - Part II
 
The Data Distribution Service Tutorial
The Data Distribution Service TutorialThe Data Distribution Service Tutorial
The Data Distribution Service Tutorial
 
Building IoT Applications with Vortex and the Intel Edison Starter Kit
Building IoT Applications with Vortex and the Intel Edison Starter KitBuilding IoT Applications with Vortex and the Intel Edison Starter Kit
Building IoT Applications with Vortex and the Intel Edison Starter Kit
 

Similar to DDS-Security Interoperability Demo - March 2018

DDS-Security Interoperability Demo - December 2017
DDS-Security Interoperability Demo - December 2017DDS-Security Interoperability Demo - December 2017
DDS-Security Interoperability Demo - December 2017
Gerardo Pardo-Castellote
 
Encrypted Databases for Untrusted Cloud
Encrypted Databases for Untrusted CloudEncrypted Databases for Untrusted Cloud
Encrypted Databases for Untrusted Cloud
n|u - The Open Security Community
 
Threat Modelling - It's not just for developers
Threat Modelling - It's not just for developersThreat Modelling - It's not just for developers
Threat Modelling - It's not just for developers
MITRE ATT&CK
 
Secure and Privacy-Preserving Big-Data Processing
Secure and Privacy-Preserving Big-Data ProcessingSecure and Privacy-Preserving Big-Data Processing
Secure and Privacy-Preserving Big-Data Processing
Shantanu Sharma
 
Using DDS to Secure the Industrial Internet of Things (IIoT)
Using DDS to Secure the Industrial Internet of Things (IIoT)Using DDS to Secure the Industrial Internet of Things (IIoT)
Using DDS to Secure the Industrial Internet of Things (IIoT)
Gerardo Pardo-Castellote
 
Security and privacy of cloud data: what you need to know (Interop)
Security and privacy of cloud data: what you need to know (Interop)Security and privacy of cloud data: what you need to know (Interop)
Security and privacy of cloud data: what you need to know (Interop)
Druva
 
How to Share a Secret
How to Share a SecretHow to Share a Secret
How to Share a Secret
Kelum Senanayake
 
Attacking SCADA systems: Story Of SCADASTRANGELOVE
Attacking SCADA systems: Story Of SCADASTRANGELOVEAttacking SCADA systems: Story Of SCADASTRANGELOVE
Attacking SCADA systems: Story Of SCADASTRANGELOVE
Aleksandr Timorin
 
IRJET- Data Security in Cloud Computing through AES under Drivehq
IRJET- Data Security in Cloud Computing through AES under DrivehqIRJET- Data Security in Cloud Computing through AES under Drivehq
IRJET- Data Security in Cloud Computing through AES under Drivehq
IRJET Journal
 
SSE.ppt
SSE.pptSSE.ppt
SSE.ppt
mazharul7
 
Aoevideo
AoevideoAoevideo
Aoevideo
Pptblog Pptblogcom
 
Bids talk 9.18
Bids talk 9.18Bids talk 9.18
Bids talk 9.18
Travis Oliphant
 
SafeNet Enterprise Key and Crypto Management
SafeNet Enterprise Key and Crypto ManagementSafeNet Enterprise Key and Crypto Management
SafeNet Enterprise Key and Crypto Management
Sectricity
 
Emerging Data Privacy and Security for Cloud
Emerging Data Privacy and Security for CloudEmerging Data Privacy and Security for Cloud
Emerging Data Privacy and Security for Cloud
Ulf Mattsson
 
Autonomous Database Security Features
Autonomous Database Security FeaturesAutonomous Database Security Features
Autonomous Database Security Features
SinanPetrusToma
 
Platform Deep Dive
Platform Deep DivePlatform Deep Dive
Platform Deep Dive
Conrad23
 
Introduction to threat_modeling
Introduction to threat_modelingIntroduction to threat_modeling
Introduction to threat_modeling
Prabath Siriwardena
 
Data-Ed Webinar: Data Modeling Fundamentals
Data-Ed Webinar: Data Modeling FundamentalsData-Ed Webinar: Data Modeling Fundamentals
Data-Ed Webinar: Data Modeling Fundamentals
DATAVERSITY
 
SOME SECURITY CHALLENGES IN CLOUD COMPUTING
SOME SECURITY CHALLENGES IN CLOUD COMPUTINGSOME SECURITY CHALLENGES IN CLOUD COMPUTING
SOME SECURITY CHALLENGES IN CLOUD COMPUTING
Hoang Nguyen
 
Searching Encrypted Cloud Data: Academia and Industry Done Right
Searching Encrypted Cloud Data: Academia and Industry Done RightSearching Encrypted Cloud Data: Academia and Industry Done Right
Searching Encrypted Cloud Data: Academia and Industry Done Right
Skyhigh Networks
 

Similar to DDS-Security Interoperability Demo - March 2018 (20)

DDS-Security Interoperability Demo - December 2017
DDS-Security Interoperability Demo - December 2017DDS-Security Interoperability Demo - December 2017
DDS-Security Interoperability Demo - December 2017
 
Encrypted Databases for Untrusted Cloud
Encrypted Databases for Untrusted CloudEncrypted Databases for Untrusted Cloud
Encrypted Databases for Untrusted Cloud
 
Threat Modelling - It's not just for developers
Threat Modelling - It's not just for developersThreat Modelling - It's not just for developers
Threat Modelling - It's not just for developers
 
Secure and Privacy-Preserving Big-Data Processing
Secure and Privacy-Preserving Big-Data ProcessingSecure and Privacy-Preserving Big-Data Processing
Secure and Privacy-Preserving Big-Data Processing
 
Using DDS to Secure the Industrial Internet of Things (IIoT)
Using DDS to Secure the Industrial Internet of Things (IIoT)Using DDS to Secure the Industrial Internet of Things (IIoT)
Using DDS to Secure the Industrial Internet of Things (IIoT)
 
Security and privacy of cloud data: what you need to know (Interop)
Security and privacy of cloud data: what you need to know (Interop)Security and privacy of cloud data: what you need to know (Interop)
Security and privacy of cloud data: what you need to know (Interop)
 
How to Share a Secret
How to Share a SecretHow to Share a Secret
How to Share a Secret
 
Attacking SCADA systems: Story Of SCADASTRANGELOVE
Attacking SCADA systems: Story Of SCADASTRANGELOVEAttacking SCADA systems: Story Of SCADASTRANGELOVE
Attacking SCADA systems: Story Of SCADASTRANGELOVE
 
IRJET- Data Security in Cloud Computing through AES under Drivehq
IRJET- Data Security in Cloud Computing through AES under DrivehqIRJET- Data Security in Cloud Computing through AES under Drivehq
IRJET- Data Security in Cloud Computing through AES under Drivehq
 
SSE.ppt
SSE.pptSSE.ppt
SSE.ppt
 
Aoevideo
AoevideoAoevideo
Aoevideo
 
Bids talk 9.18
Bids talk 9.18Bids talk 9.18
Bids talk 9.18
 
SafeNet Enterprise Key and Crypto Management
SafeNet Enterprise Key and Crypto ManagementSafeNet Enterprise Key and Crypto Management
SafeNet Enterprise Key and Crypto Management
 
Emerging Data Privacy and Security for Cloud
Emerging Data Privacy and Security for CloudEmerging Data Privacy and Security for Cloud
Emerging Data Privacy and Security for Cloud
 
Autonomous Database Security Features
Autonomous Database Security FeaturesAutonomous Database Security Features
Autonomous Database Security Features
 
Platform Deep Dive
Platform Deep DivePlatform Deep Dive
Platform Deep Dive
 
Introduction to threat_modeling
Introduction to threat_modelingIntroduction to threat_modeling
Introduction to threat_modeling
 
Data-Ed Webinar: Data Modeling Fundamentals
Data-Ed Webinar: Data Modeling FundamentalsData-Ed Webinar: Data Modeling Fundamentals
Data-Ed Webinar: Data Modeling Fundamentals
 
SOME SECURITY CHALLENGES IN CLOUD COMPUTING
SOME SECURITY CHALLENGES IN CLOUD COMPUTINGSOME SECURITY CHALLENGES IN CLOUD COMPUTING
SOME SECURITY CHALLENGES IN CLOUD COMPUTING
 
Searching Encrypted Cloud Data: Academia and Industry Done Right
Searching Encrypted Cloud Data: Academia and Industry Done RightSearching Encrypted Cloud Data: Academia and Industry Done Right
Searching Encrypted Cloud Data: Academia and Industry Done Right
 

More from Gerardo Pardo-Castellote

DDS-Security 1.2 - What's New? Stronger security for long-running systems
DDS-Security 1.2 - What's New? Stronger security for long-running systemsDDS-Security 1.2 - What's New? Stronger security for long-running systems
DDS-Security 1.2 - What's New? Stronger security for long-running systems
Gerardo Pardo-Castellote
 
DDS, the US Navy, and the Need for Distributed Software
DDS, the US Navy, and the Need for Distributed SoftwareDDS, the US Navy, and the Need for Distributed Software
DDS, the US Navy, and the Need for Distributed Software
Gerardo Pardo-Castellote
 
Introduction to DDS: Context, Information Model, Security, and Applications.
Introduction to DDS: Context, Information Model, Security, and Applications.Introduction to DDS: Context, Information Model, Security, and Applications.
Introduction to DDS: Context, Information Model, Security, and Applications.
Gerardo Pardo-Castellote
 
A Converged Approach to Standards for Industrial Automation
A Converged Approach to Standards for Industrial AutomationA Converged Approach to Standards for Industrial Automation
A Converged Approach to Standards for Industrial Automation
Gerardo Pardo-Castellote
 
Applying MBSE to the Industrial IoT: Using SysML with Connext DDS and Simulink
Applying MBSE to the Industrial IoT: Using SysML with Connext DDS and SimulinkApplying MBSE to the Industrial IoT: Using SysML with Connext DDS and Simulink
Applying MBSE to the Industrial IoT: Using SysML with Connext DDS and Simulink
Gerardo Pardo-Castellote
 
OPC UA/DDS Gateway version 1.0 Beta
OPC UA/DDS Gateway version 1.0 BetaOPC UA/DDS Gateway version 1.0 Beta
OPC UA/DDS Gateway version 1.0 Beta
Gerardo Pardo-Castellote
 
DDS for eXtremely Resource Constrained Environments 1.0 Beta
DDS for eXtremely Resource Constrained Environments 1.0 BetaDDS for eXtremely Resource Constrained Environments 1.0 Beta
DDS for eXtremely Resource Constrained Environments 1.0 Beta
Gerardo Pardo-Castellote
 
DDS-Security Interoperability Demo - September 2017
DDS-Security Interoperability Demo - September 2017DDS-Security Interoperability Demo - September 2017
DDS-Security Interoperability Demo - September 2017
Gerardo Pardo-Castellote
 
Extensible Types for DDS (DDS-XTYPES) version 1.2
Extensible Types for DDS (DDS-XTYPES) version 1.2Extensible Types for DDS (DDS-XTYPES) version 1.2
Extensible Types for DDS (DDS-XTYPES) version 1.2
Gerardo Pardo-Castellote
 
DDS-Security version 1.1
DDS-Security version 1.1DDS-Security version 1.1
DDS-Security version 1.1
Gerardo Pardo-Castellote
 
Interface Definition Language (IDL) version 4.2
Interface Definition Language (IDL) version 4.2 Interface Definition Language (IDL) version 4.2
Interface Definition Language (IDL) version 4.2
Gerardo Pardo-Castellote
 
DDS Security Specification version 1.0
DDS Security Specification version 1.0DDS Security Specification version 1.0
DDS Security Specification version 1.0
Gerardo Pardo-Castellote
 
DDS for eXtremely Resource Constrained Environments
DDS for eXtremely Resource Constrained EnvironmentsDDS for eXtremely Resource Constrained Environments
DDS for eXtremely Resource Constrained Environments
Gerardo Pardo-Castellote
 
DDS - The Proven Data Connectivity Standard for the Industrial IoT (IIoT)
DDS - The Proven Data Connectivity Standard for the Industrial IoT (IIoT)DDS - The Proven Data Connectivity Standard for the Industrial IoT (IIoT)
DDS - The Proven Data Connectivity Standard for the Industrial IoT (IIoT)
Gerardo Pardo-Castellote
 
Industrial IOT Data Connectivity Standard
Industrial IOT Data Connectivity StandardIndustrial IOT Data Connectivity Standard
Industrial IOT Data Connectivity Standard
Gerardo Pardo-Castellote
 
The Platform for the Industrial Internet of Things (IIoT)
The Platform for the Industrial Internet of Things (IIoT)The Platform for the Industrial Internet of Things (IIoT)
The Platform for the Industrial Internet of Things (IIoT)
Gerardo Pardo-Castellote
 
Web Enabled DDS - London Connext DDS Conference
Web Enabled DDS - London Connext DDS ConferenceWeb Enabled DDS - London Connext DDS Conference
Web Enabled DDS - London Connext DDS Conference
Gerardo Pardo-Castellote
 
Remote Procedure Call over DDS - London Connext DDS Conference
Remote Procedure Call over DDS - London Connext DDS Conference Remote Procedure Call over DDS - London Connext DDS Conference
Remote Procedure Call over DDS - London Connext DDS Conference
Gerardo Pardo-Castellote
 
DDS Security for the Industrial Internet - London Connext DDS Conference
DDS Security for the Industrial Internet - London Connext DDS ConferenceDDS Security for the Industrial Internet - London Connext DDS Conference
DDS Security for the Industrial Internet - London Connext DDS Conference
Gerardo Pardo-Castellote
 
Protocol and Integration Challenges for SDN
Protocol and Integration Challenges for SDNProtocol and Integration Challenges for SDN
Protocol and Integration Challenges for SDN
Gerardo Pardo-Castellote
 

More from Gerardo Pardo-Castellote (20)

DDS-Security 1.2 - What's New? Stronger security for long-running systems
DDS-Security 1.2 - What's New? Stronger security for long-running systemsDDS-Security 1.2 - What's New? Stronger security for long-running systems
DDS-Security 1.2 - What's New? Stronger security for long-running systems
 
DDS, the US Navy, and the Need for Distributed Software
DDS, the US Navy, and the Need for Distributed SoftwareDDS, the US Navy, and the Need for Distributed Software
DDS, the US Navy, and the Need for Distributed Software
 
Introduction to DDS: Context, Information Model, Security, and Applications.
Introduction to DDS: Context, Information Model, Security, and Applications.Introduction to DDS: Context, Information Model, Security, and Applications.
Introduction to DDS: Context, Information Model, Security, and Applications.
 
A Converged Approach to Standards for Industrial Automation
A Converged Approach to Standards for Industrial AutomationA Converged Approach to Standards for Industrial Automation
A Converged Approach to Standards for Industrial Automation
 
Applying MBSE to the Industrial IoT: Using SysML with Connext DDS and Simulink
Applying MBSE to the Industrial IoT: Using SysML with Connext DDS and SimulinkApplying MBSE to the Industrial IoT: Using SysML with Connext DDS and Simulink
Applying MBSE to the Industrial IoT: Using SysML with Connext DDS and Simulink
 
OPC UA/DDS Gateway version 1.0 Beta
OPC UA/DDS Gateway version 1.0 BetaOPC UA/DDS Gateway version 1.0 Beta
OPC UA/DDS Gateway version 1.0 Beta
 
DDS for eXtremely Resource Constrained Environments 1.0 Beta
DDS for eXtremely Resource Constrained Environments 1.0 BetaDDS for eXtremely Resource Constrained Environments 1.0 Beta
DDS for eXtremely Resource Constrained Environments 1.0 Beta
 
DDS-Security Interoperability Demo - September 2017
DDS-Security Interoperability Demo - September 2017DDS-Security Interoperability Demo - September 2017
DDS-Security Interoperability Demo - September 2017
 
Extensible Types for DDS (DDS-XTYPES) version 1.2
Extensible Types for DDS (DDS-XTYPES) version 1.2Extensible Types for DDS (DDS-XTYPES) version 1.2
Extensible Types for DDS (DDS-XTYPES) version 1.2
 
DDS-Security version 1.1
DDS-Security version 1.1DDS-Security version 1.1
DDS-Security version 1.1
 
Interface Definition Language (IDL) version 4.2
Interface Definition Language (IDL) version 4.2 Interface Definition Language (IDL) version 4.2
Interface Definition Language (IDL) version 4.2
 
DDS Security Specification version 1.0
DDS Security Specification version 1.0DDS Security Specification version 1.0
DDS Security Specification version 1.0
 
DDS for eXtremely Resource Constrained Environments
DDS for eXtremely Resource Constrained EnvironmentsDDS for eXtremely Resource Constrained Environments
DDS for eXtremely Resource Constrained Environments
 
DDS - The Proven Data Connectivity Standard for the Industrial IoT (IIoT)
DDS - The Proven Data Connectivity Standard for the Industrial IoT (IIoT)DDS - The Proven Data Connectivity Standard for the Industrial IoT (IIoT)
DDS - The Proven Data Connectivity Standard for the Industrial IoT (IIoT)
 
Industrial IOT Data Connectivity Standard
Industrial IOT Data Connectivity StandardIndustrial IOT Data Connectivity Standard
Industrial IOT Data Connectivity Standard
 
The Platform for the Industrial Internet of Things (IIoT)
The Platform for the Industrial Internet of Things (IIoT)The Platform for the Industrial Internet of Things (IIoT)
The Platform for the Industrial Internet of Things (IIoT)
 
Web Enabled DDS - London Connext DDS Conference
Web Enabled DDS - London Connext DDS ConferenceWeb Enabled DDS - London Connext DDS Conference
Web Enabled DDS - London Connext DDS Conference
 
Remote Procedure Call over DDS - London Connext DDS Conference
Remote Procedure Call over DDS - London Connext DDS Conference Remote Procedure Call over DDS - London Connext DDS Conference
Remote Procedure Call over DDS - London Connext DDS Conference
 
DDS Security for the Industrial Internet - London Connext DDS Conference
DDS Security for the Industrial Internet - London Connext DDS ConferenceDDS Security for the Industrial Internet - London Connext DDS Conference
DDS Security for the Industrial Internet - London Connext DDS Conference
 
Protocol and Integration Challenges for SDN
Protocol and Integration Challenges for SDNProtocol and Integration Challenges for SDN
Protocol and Integration Challenges for SDN
 

Recently uploaded

Using Xen Hypervisor for Functional Safety
Using Xen Hypervisor for Functional SafetyUsing Xen Hypervisor for Functional Safety
Using Xen Hypervisor for Functional Safety
Ayan Halder
 
What is Augmented Reality Image Tracking
What is Augmented Reality Image TrackingWhat is Augmented Reality Image Tracking
What is Augmented Reality Image Tracking
pavan998932
 
UI5con 2024 - Boost Your Development Experience with UI5 Tooling Extensions
UI5con 2024 - Boost Your Development Experience with UI5 Tooling ExtensionsUI5con 2024 - Boost Your Development Experience with UI5 Tooling Extensions
UI5con 2024 - Boost Your Development Experience with UI5 Tooling Extensions
Peter Muessig
 
Why Choose Odoo 17 Community & How it differs from Odoo 17 Enterprise Edition
Why Choose Odoo 17 Community & How it differs from Odoo 17 Enterprise EditionWhy Choose Odoo 17 Community & How it differs from Odoo 17 Enterprise Edition
Why Choose Odoo 17 Community & How it differs from Odoo 17 Enterprise Edition
Envertis Software Solutions
 
Artificia Intellicence and XPath Extension Functions
Artificia Intellicence and XPath Extension FunctionsArtificia Intellicence and XPath Extension Functions
Artificia Intellicence and XPath Extension Functions
Octavian Nadolu
 
Orion Context Broker introduction 20240604
Orion Context Broker introduction 20240604Orion Context Broker introduction 20240604
Orion Context Broker introduction 20240604
Fermin Galan
 
openEuler Case Study - The Journey to Supply Chain Security
openEuler Case Study - The Journey to Supply Chain SecurityopenEuler Case Study - The Journey to Supply Chain Security
openEuler Case Study - The Journey to Supply Chain Security
Shane Coughlan
 
原版定制美国纽约州立大学奥尔巴尼分校毕业证学位证书原版一模一样
原版定制美国纽约州立大学奥尔巴尼分校毕业证学位证书原版一模一样原版定制美国纽约州立大学奥尔巴尼分校毕业证学位证书原版一模一样
原版定制美国纽约州立大学奥尔巴尼分校毕业证学位证书原版一模一样
mz5nrf0n
 
Mobile App Development Company In Noida | Drona Infotech
Mobile App Development Company In Noida | Drona InfotechMobile App Development Company In Noida | Drona Infotech
Mobile App Development Company In Noida | Drona Infotech
Drona Infotech
 
Microservice Teams - How the cloud changes the way we work
Microservice Teams - How the cloud changes the way we workMicroservice Teams - How the cloud changes the way we work
Microservice Teams - How the cloud changes the way we work
Sven Peters
 
KuberTENes Birthday Bash Guadalajara - Introducción a Argo CD
KuberTENes Birthday Bash Guadalajara - Introducción a Argo CDKuberTENes Birthday Bash Guadalajara - Introducción a Argo CD
KuberTENes Birthday Bash Guadalajara - Introducción a Argo CD
rodomar2
 
Fundamentals of Programming and Language Processors
Fundamentals of Programming and Language ProcessorsFundamentals of Programming and Language Processors
Fundamentals of Programming and Language Processors
Rakesh Kumar R
 
Need for Speed: Removing speed bumps from your Symfony projects ⚡️
Need for Speed: Removing speed bumps from your Symfony projects ⚡️Need for Speed: Removing speed bumps from your Symfony projects ⚡️
Need for Speed: Removing speed bumps from your Symfony projects ⚡️
Łukasz Chruściel
 
Revolutionizing Visual Effects Mastering AI Face Swaps.pdf
Revolutionizing Visual Effects Mastering AI Face Swaps.pdfRevolutionizing Visual Effects Mastering AI Face Swaps.pdf
Revolutionizing Visual Effects Mastering AI Face Swaps.pdf
Undress Baby
 
Hand Rolled Applicative User Validation Code Kata
Hand Rolled Applicative User Validation Code KataHand Rolled Applicative User Validation Code Kata
Hand Rolled Applicative User Validation Code Kata
Philip Schwarz
 
Neo4j - Product Vision and Knowledge Graphs - GraphSummit Paris
Neo4j - Product Vision and Knowledge Graphs - GraphSummit ParisNeo4j - Product Vision and Knowledge Graphs - GraphSummit Paris
Neo4j - Product Vision and Knowledge Graphs - GraphSummit Paris
Neo4j
 
Graspan: A Big Data System for Big Code Analysis
Graspan: A Big Data System for Big Code AnalysisGraspan: A Big Data System for Big Code Analysis
Graspan: A Big Data System for Big Code Analysis
Aftab Hussain
 
Oracle Database 19c New Features for DBAs and Developers.pptx
Oracle Database 19c New Features for DBAs and Developers.pptxOracle Database 19c New Features for DBAs and Developers.pptx
Oracle Database 19c New Features for DBAs and Developers.pptx
Remote DBA Services
 
Transform Your Communication with Cloud-Based IVR Solutions
Transform Your Communication with Cloud-Based IVR SolutionsTransform Your Communication with Cloud-Based IVR Solutions
Transform Your Communication with Cloud-Based IVR Solutions
TheSMSPoint
 
May Marketo Masterclass, London MUG May 22 2024.pdf
May Marketo Masterclass, London MUG May 22 2024.pdfMay Marketo Masterclass, London MUG May 22 2024.pdf
May Marketo Masterclass, London MUG May 22 2024.pdf
Adele Miller
 

Recently uploaded (20)

Using Xen Hypervisor for Functional Safety
Using Xen Hypervisor for Functional SafetyUsing Xen Hypervisor for Functional Safety
Using Xen Hypervisor for Functional Safety
 
What is Augmented Reality Image Tracking
What is Augmented Reality Image TrackingWhat is Augmented Reality Image Tracking
What is Augmented Reality Image Tracking
 
UI5con 2024 - Boost Your Development Experience with UI5 Tooling Extensions
UI5con 2024 - Boost Your Development Experience with UI5 Tooling ExtensionsUI5con 2024 - Boost Your Development Experience with UI5 Tooling Extensions
UI5con 2024 - Boost Your Development Experience with UI5 Tooling Extensions
 
Why Choose Odoo 17 Community & How it differs from Odoo 17 Enterprise Edition
Why Choose Odoo 17 Community & How it differs from Odoo 17 Enterprise EditionWhy Choose Odoo 17 Community & How it differs from Odoo 17 Enterprise Edition
Why Choose Odoo 17 Community & How it differs from Odoo 17 Enterprise Edition
 
Artificia Intellicence and XPath Extension Functions
Artificia Intellicence and XPath Extension FunctionsArtificia Intellicence and XPath Extension Functions
Artificia Intellicence and XPath Extension Functions
 
Orion Context Broker introduction 20240604
Orion Context Broker introduction 20240604Orion Context Broker introduction 20240604
Orion Context Broker introduction 20240604
 
openEuler Case Study - The Journey to Supply Chain Security
openEuler Case Study - The Journey to Supply Chain SecurityopenEuler Case Study - The Journey to Supply Chain Security
openEuler Case Study - The Journey to Supply Chain Security
 
原版定制美国纽约州立大学奥尔巴尼分校毕业证学位证书原版一模一样
原版定制美国纽约州立大学奥尔巴尼分校毕业证学位证书原版一模一样原版定制美国纽约州立大学奥尔巴尼分校毕业证学位证书原版一模一样
原版定制美国纽约州立大学奥尔巴尼分校毕业证学位证书原版一模一样
 
Mobile App Development Company In Noida | Drona Infotech
Mobile App Development Company In Noida | Drona InfotechMobile App Development Company In Noida | Drona Infotech
Mobile App Development Company In Noida | Drona Infotech
 
Microservice Teams - How the cloud changes the way we work
Microservice Teams - How the cloud changes the way we workMicroservice Teams - How the cloud changes the way we work
Microservice Teams - How the cloud changes the way we work
 
KuberTENes Birthday Bash Guadalajara - Introducción a Argo CD
KuberTENes Birthday Bash Guadalajara - Introducción a Argo CDKuberTENes Birthday Bash Guadalajara - Introducción a Argo CD
KuberTENes Birthday Bash Guadalajara - Introducción a Argo CD
 
Fundamentals of Programming and Language Processors
Fundamentals of Programming and Language ProcessorsFundamentals of Programming and Language Processors
Fundamentals of Programming and Language Processors
 
Need for Speed: Removing speed bumps from your Symfony projects ⚡️
Need for Speed: Removing speed bumps from your Symfony projects ⚡️Need for Speed: Removing speed bumps from your Symfony projects ⚡️
Need for Speed: Removing speed bumps from your Symfony projects ⚡️
 
Revolutionizing Visual Effects Mastering AI Face Swaps.pdf
Revolutionizing Visual Effects Mastering AI Face Swaps.pdfRevolutionizing Visual Effects Mastering AI Face Swaps.pdf
Revolutionizing Visual Effects Mastering AI Face Swaps.pdf
 
Hand Rolled Applicative User Validation Code Kata
Hand Rolled Applicative User Validation Code KataHand Rolled Applicative User Validation Code Kata
Hand Rolled Applicative User Validation Code Kata
 
Neo4j - Product Vision and Knowledge Graphs - GraphSummit Paris
Neo4j - Product Vision and Knowledge Graphs - GraphSummit ParisNeo4j - Product Vision and Knowledge Graphs - GraphSummit Paris
Neo4j - Product Vision and Knowledge Graphs - GraphSummit Paris
 
Graspan: A Big Data System for Big Code Analysis
Graspan: A Big Data System for Big Code AnalysisGraspan: A Big Data System for Big Code Analysis
Graspan: A Big Data System for Big Code Analysis
 
Oracle Database 19c New Features for DBAs and Developers.pptx
Oracle Database 19c New Features for DBAs and Developers.pptxOracle Database 19c New Features for DBAs and Developers.pptx
Oracle Database 19c New Features for DBAs and Developers.pptx
 
Transform Your Communication with Cloud-Based IVR Solutions
Transform Your Communication with Cloud-Based IVR SolutionsTransform Your Communication with Cloud-Based IVR Solutions
Transform Your Communication with Cloud-Based IVR Solutions
 
May Marketo Masterclass, London MUG May 22 2024.pdf
May Marketo Masterclass, London MUG May 22 2024.pdfMay Marketo Masterclass, London MUG May 22 2024.pdf
May Marketo Masterclass, London MUG May 22 2024.pdf
 

DDS-Security Interoperability Demo - March 2018

  • 2. DDS Security Demo — Overview 12/06/17 2 •  5 Vendor Products: •  CoreDX DDS from Twin Oaks CompuQng •  Connext DDS from Real Time InnovaQons (RTI) •  InterComm DDS from Kongsberg •  Vortex Cafe DDS from ADLink •  OpenDDS from Object CompuQng Inc (OCI) •  Using Shapes demo soware: •  Familiar from previous interoperability demos •  DemonstraQng granular configurability of DDS Security protocols •  Each ParQcipant has its own permissions – what exactly it can publish / subscribe •  Each Topic has its own configuraQon – encrypted, signed, clear, encrypted discovery
  • 3. DDS Security Demo — Topics 12/06/17 3 Square Topic -  Secure Discovery -  Encrypted Data -  AuthenQcated Metadata -  Protected Access: AuthenQcated ParQcipants must have permissions to publish and/or subscribe Circle Topic -  Secure Discovery -  AuthenQcated Data -  AuthenQcated Metadata -  Protected Access: ParQcipants must have permissions to publish and/or subscribe Triangle Topic -  Open Discovery -  Open Data -  Open Access: Any parQcipant may publish and/or subscribe
  • 5. DDS Security Demo — Publishing 12/06/17 5 Permissions -  ALLOW Write Square -  DENY Write Circle Permissions -  ALLOW Write Circle -  DENY Write Triangle Permissions -  ALLOW Write Triangle -  DENY Write Square Permissions -  ALLOW Write Triangle -  DENY Write Circle
  • 7. •  The demo consists of the following scenarios: •  Interoperability Without Security Enabled (SC#0) •  Controlled Access to Domain (SC#1) •  Enabling Open Access to Selected Topics (SC#2) •  Data Integrity versus Encryp9on (SC#3) •  Metadata protecQon (SC#4) •  Secure Discovery (SC#5) •  Topic Level Access Control (SC#6) Demo 12/06/17 Copyright © 2017 OMG. All rights reserved. 7
  • 8. •  Objec9ve: DDS Security is an extension of DDS —sQll possible to run applicaQons without any protecQon. •  Governance File: Specifies domain 0 as an “open domain”. Governance_SC0_SecurityDisabled.xml •  Permission Files: None are needed for this scenario. Permissions_JoinDomain_<VENDOR>.xml •  Applica9ons: Regular and Secured and Shapes Demo SC#0: Interoperability Without Security Copyright © 2017 OMG. All rights reserved. 8 Subscribing to “Square” Expected Result All (Secure) RTI, TwinOaks, Kongsberg Receives All: Square: BLUE, GREEN, MAGENTA , RED, ORANGE All (Not Secure) RTI, TwinOaks, Kongsberg Receives All: Square: BLUE, GREEN, MAGENTA, RED, ORANGE 12/06/17 Publishing RTI SecureShapes BLUE Square TwinOaks SecureShapes GREEN Square Kongsberg SecureShapes MAGENTA Square ADLink RegularShapes RED Square OCI RegularShapes ORANGE Square OFF OFF OFF OFF OFF
  • 9. •  Objec9ve: DDS Security can be used to protect access to a DDS Domain. Only applicaQons that can authenQcate and have the proper permissions can join the Domain. •  Governance File: Specifies domain 0 as a "protected domain." Governance_SC1_ProtectedDomain1.xml •  Permission Files: Each vendor has its own permissions file. Permissions_JoinDomain_<VENDOR>.xml. •  Applica9ons: Regular and Secured and Shapes Demo SC#1: Controlled Access to Domain Copyright © 2017 OMG. All rights reserved. 9 Subscribing to “Square” Expected Result All (Secure) RTI, TwinOaks, Kongsberg, ADLink Receives only from Secure: Square: BLUE, GREEN, MAGENTA , RED All (Not Secure) RTI, TwinOaks, Kongsberg, OCI, ADLink Receives only from Non-Secure Square: ORANGE 12/06/17 Publishing RTI BLUE Square TwinOaks GREEN Square Kongsberg MAGENTA Square ADLink RED Square OCI ORANGE Square
  • 10. Subscribing “Square”, “Circle”, “Triangle” Expected Result Receives: RTI (Secure) Read Perm: Circle + Triangle Square: none Circle: GREEN, RED Triangle: BLUE, GREEN, MAGENTA , RED, ORANGE Twin Oaks (Secure) Read Perm: Square + Triangle Square: BLUE, MAGENTA Circle: none Triangle: BLUE, GREEN, MAGENTA, RED, ORANGE Kongsberg (Secure) Read Perm: Square + Circle Square: BLUE, MAGENTA Circle: GREEN, RED Triangle: BLUE, GREEN, MAGENTA, RED, ORANGE ADLink (Secure) Read Perm: Square + Circle Square: BLUE, MAGENTA , Circle: GREEN, RED Triangle: BLUE, GREEN, MAGENTA , RED, ORANGE OCI (Not Secure) Square: ORANGE, Circle: ORANGE Triangle: BLUE, GREEN, MAGENTA, RED, ORANGE •  Objec9ve: Illustrates it is possible to allow access to certain Topics by unsecured applicaQons (e.g, for legacy applicaQons not running DDS Security). •  Governance File: Governance_SC2_ProtectedDomain2.xml •  Allows unauthenQcated parQcipants to join domain 0 •  Square and Circle: • Protected for read/write access • Encrypt/sign metadata • Use secure discovery •  Triangle • Unprotected for read/write access (open to all) • No encrypt/sign • Use regular (unsecured) discovery • Permission Files: Each vendor has its own permissions file. Permissions_TopicLevel_<VENDOR>.xml. • Applica9ons: Regular and Secure and Shapes Demo SC#2: Open Access to Selected Topics Publishing RTI Write Perm: Squares BLUE Square BLUE Circle BLUE Triangle TwinOaks Write Perm: Circle GREEN Square GREEN Circle GREEN Triangle Kongsberg Write Perm: Square MAGENTA Square MAGENTA Circle MAGENTA Triangle ADLink Write Perm: Circle RED Square RED Circle RED Triangle OCI ORANGE Square ORANGE Circle ORANGE Triangle
  • 11. •  Objec9ve: Illustrate different kinds of data protecQon. •  Encrypted (EN+SG)—(Encrypt and Sign) protected •  Signed data (SG)—vulnerable to snooping but not tampering •  Open data (OD)—vulnerable to tampering •  Governance File: Specifies domain 0 as a "protected domain” Governance_SC3_ProtectedDomain3.xml •  Squares shall be encrypted •  Circles shall be signed •  Triangles are unprotected •  Permission Files: Each vendor has its own permissions file. Permissions_JoinDomain_<VENDOR>.xml. •  Applica9ons: Secured Shapes Demo + Wireshark SC#3: Data Integrity versus Encryp9on Subscribing: Square + Circle + Triangle Expected Result All (Secure) RTI, TwinOaks, Kongsberg, ADLink Square: BLUE, GREEN, MAGENTA, RED Circle: BLUE, GREEN, MAGENTA, RED Triangle: BLUE, GREEN, MAGENTA, RED, ORANGE All (Not Secure) RTI, TwinOaks, Kongsberg, OCI, ADLink Square: Circle: Triangle: BLUE, GREEN, MAGENTA, RED, ORANGE Wireshark Can see Triangle data in the clear Can see Circle data, but it is signed (or OD from OCI) Cannot see Square data—it is encrypted Publishing RTI BLUE Square (EN + SG) ‘#’ BLUE Circle (SG) ‘$’ BLUE Triangle (OD) ‘%’ TwinOaks GREEN Square (EN + SG) ‘#’ GREEN Circle (SG) ‘$’ GREEN Triangle (OD) ‘%’ Kongsberg MAGENTA Square (EN + SG) ‘#’ MAGENTA Circle (SG) ‘$’ MAGENTA Triangle (OD) ‘%‘ ADLink GREEN Square (EN + SG) ‘#’ GREEN Circle (SG) ‘$’ RED Triangle (OD) ‘%’ OCI (not secure) ORANGE Triangle ‘%’ ShapeSizes: Square -> 35 ‘#’ Circle -> 36 ‘$’ Triangle -> 37 ‘%’
  • 12. •  Objec9ve: Illustrate concept of protecQng metadata. •  Encrypted (EN+SG)—Encrypt and Signed metadata protected •  Signed metadata (SG)—vulnerable to snooping but not tampering •  Open metadata (OD)—vulnerable to tampering •  Governance File: Specifies domain 0 as a "protected domain" Governance_SC4_ProtectedDomain4.xml •  Square metadata shall be encrypted •  Circle metadata shall be signed, •  Triangle metadata is unprotected •  Payload is le open for all topics for illustraQon •  Permission Files: Each vendor has its own permissions file. Permissions_JoinDomain_<VENDOR>.xml. SC#4: Metadata Protec9on Publishing RTI BLUE Square (EN + SG) ‘#’ BLUE Circle (SG) ‘$’ BLUE Triangle (OD) ‘%’ TwinOaks GREEN Square (EN + SG) ‘#’ GREEN Circle (SG) ‘$’ GREEN Triangle (OD) ‘%’ Kongsberg MAGENTA Square (EN+SG) ‘#’ MAGENTA Circle (SG) ‘$’ MAGENTA Triangle (OD) ‘%‘ ADLink RED Square (EN + SG) ‘#’ RED Circle (SG) ‘$’ RED Triangle (OD) ‘%‘ OCI (not secure) ORANGE Triangle ‘%’ Subscribing Expected Result All (Secure) RTI, TwinOaks, Kongsberg, ADLink Square: BLUE, GREEN, MAGENTA, RED Circle: BLUE, GREEN, MAGENTA, RED Triangle: BLUE, GREEN, MAGENTA, RED, ORANGE All (Not Secure) RTI, TwinOaks, Kongsberg, ADLink, OCI Square: Circle: Triangle: BLUE, GREEN, MAGENTA, RED, ORANGE Wireshark Can see Triangle metadata & data Can see Circle metadata, but it is signed Cannot see Square metadata—it is encrypted Also peek at Discovery – It is all clear ShapeSizes: Square -> 35 ‘#’ Circle -> 36 ‘$’ Triangle -> 37 ‘%’
  • 13. •  Objec9ve: Illustrates that discovery informaQon also be protected. •  Governance File: Specifies domain 0 as a "protected domain." Governance_SC5_ProtectedDomain5.xml •  Topic Triangle data and metadata are neither encrypted nor signed—sent over regular discovery •  Topic Circle data and metadata are signed, but not encrypted—sent over secure discovery •  Topic Square data and metadata are encrypted and signed—sent over secure discovery • Permission Files: Each vendor has its own permissions file. Permissions_JoinDomain_<VENDOR>.xml. • Applica9ons: Secure Shapes Demo SC#5: Secure Discovery Publishing RTI BLUE Square (EN + SG) BLUE Circle (SG) BLUE Triangle (OD) TwinOaks GREEN Square (EN + SG) GREEN Circle (SG) GREEN Triangle (OD) Kongsberg MAGENTA Square (EN+SG) MAGENTA Circle (SG) MAGENTA Triangle (OD) ADLink RED Square (EN + SG) RED Circle (SG) RED Triangle (OD) OCI ORANGE Triangle (OD) Subscribing Square + Circle + Triangle Expected Result All (Secure) RTI, TwinOaks, Kongsberg Square: BLUE, GREEN, MAGENTA, RED Circle: BLUE, GREEN, MAGENTA, RED Triangle: BLUE, GREEN, MAGENTA , RED, ORANGE All (Not Secure) RTI, TwinOaks, Kongsberg, OCI, ADLink Square: Circle: Triangle: BLUE, GREEN, MAGENTA, RED, ORANGE Wireshark Can see Triangle discovery in the clear Cannot see Circle discovery Cannot see Square discovery
  • 14. Subscribing Expected Result RTI Read Perm: Circle + Triangle Subscribes: Square, Circle, Triangle Receives: Square: none Circle: GREEN, RED Triangle: none Twin Oaks Read Perm: Square+Triangle Subscribes: Square, Circle, Triangle Receives: Square: BLUE, MAGENTA Circle: none Triangle: none Kongsberg Read Perm: Square + Circle Subscribes: Square, Circle, Triangle Receives: Square: BLUE Circle: GREEN, RED Triangle: none ADLink Read Perm: Square + Circle Subscribes: Square, Circle, Triangle Receives: Square: BLUE, MAGENTA Circle: GREEN, RED Triangle: none OCI (Not Secure) Triangle: ORANGE •  Objec9ve: Illustrates fine-grain access control at the Topic level. •  Governance File: Specifies domain 0 as a "protected domain." Indicates that Square •  All topics are protected for read/write access. •  All topics are sent over secure discovery •  All topics encrypt and sign metadata •  Governance_SC6_ProtectedDomain6.xml • Permission Files: Each vendor has its own permissions file. Permissions_TopicLevel_<VENDOR>.xml. • Applica9ons: Secure Shapes Demo SC#6: Topic-Level Access Control 12/06/17 Publishing RTI Write Perm: Squares BLUE Square BLUE Circle BLUE Triangle TwinOaks Write Perm: Circle GREEN Square GREEN Circle GREEN Triangle Kongsberg Write Perm: Square MAGENTA Square MAGENTA Circle MAGENTA Triangle ADLink Write Perm: Circle RED Square RED Circle RED Triangle OCI (Not Secure) ORANGE Triangle
  • 15. ●  Standard & Interoperable ●  Scalable: Supports mulQcast ●  Fine-grain: Control at the Topic-level ●  Flexible: Build your own plugins ●  Generic: Works over any Transport ●  Transparent: No changes to ApplicaQon Code! More powerful that other secure middleware technologies 15