How to encrypt and protect your moodle site for free with let's encrypt
Building Scalable Security for Systems of Systems · 2020. 7. 15. · Securely exchange...
Transcript of Building Scalable Security for Systems of Systems · 2020. 7. 15. · Securely exchange...
4/15/19
1
BuildingScalableSecurityforSystemsofSystems
PaulTingeySeniorFieldApplicationEngineer
©2019Real-TimeInnovations,Inc..
Index
• BuildingScalableDistributedSystems– IntroductiontoIIoT FrameworkSolutions– DDSPrinciples
• SecuringtheDataonDistributedSystems• Fine-GrainDDSSecurity• Conclusion
©2019Real-TimeInnovations,Inc..
4/15/19
2
RTIintheIndustrialIoT
• RTIisthelargestembeddedmiddlewarevendor
• 1000+designs,manyreal-worldprogramsacrossindustries
• FullDDS,tools,services,support,secureandcertifiedversions
• About200people
©2019Real-TimeInnovations,Inc.Confidential.
AnOverviewofDataDistributionService(DDS)
©2019Real-TimeInnovations,Inc..
4/15/19
3
OMGDataDistributionService
• FirstversionoftheDDSstandardwasreleasedin2004•Mostrecentversion(v1.4)wasreleasedinApril2015• “Data-CentricPublish-Subscribemodelfordistributedapplicationcommunicationandintegration”
©2019Real-TimeInnovations,Inc..
WhatistheDataDistributionService…?
• DDSisideallysuitedtoapplicationsthatarerequiredtosharelargeamountsofdatainafast,secure,scalableandreliableway
• ItwasoriginallydesignedformissioncriticalsystemsandisnowattheheartofmanyOpenArchitectureinitiativesinA&D
• It’sTRL-9 technologyusedwidelyinthe“L”partsofLVC systems• It’swidespreaduseinmilitarysystemshasledtostronginterestinthesimulationandtrainingmarket
• DDSisPublish-Subscribe,Data-Centric andPeer-to-Peer– enablinglocationtransparency,decentralizedoperation,dynamicscalabilityandreal-timeperformance
©2019Real-TimeInnovations,Inc..
4/15/19
4
ConnectivityFrameworkLayer
Transport
Link
Distributed Data Interoperability & Management
Framework
Quality of
ServiceSecurity
Publish-Subscribe Request-Reply Discovery
Data Resource Model
ID and Addressing Data Type System Lifecycle (CRUD)
Exception Handling
State Management
ConnectivityFramework
Functions
Physical
Network
API Governance
©2019Real-TimeInnovations,Inc..
ConnectionviatheDDSDatabus…
PlatformPlatformPlatform
Application3DDS
Application2DDS
Application1DDS
SensorUnit HealthMonitor DeviceControl
©2019Real-TimeInnovations,Inc..
4/15/19
5
ConnectionviatheDDSDatabus…
PlatformPlatformPlatform
Application3DDS
Application2DDS
Application1DDS
SensorUnit HealthMonitor DeviceControl
©2019Real-TimeInnovations,Inc..
DDS Databus
Platform
Application3DDS
Operator
ConnectionviatheDDSDatabus…
©2019Real-TimeInnovations,Inc..
DataflowsareconfiguredviaQualityofServicesettingsthatdefinehowdataisdelivered
betweennodesinthedistributedsystem.InDDS
terminologythesedataflowsarecalledTopics.
ADataModel(writteninIDL)describesthedatainthesystemandallowsDDSto‘understand’andmanagedatainthesystem
appropriately.
DDSabstractstheapplicationawayfromtheOperatingSystemmakingtheapplicationlesscomplex,more
portableandtransportagnostic.
DataiscachedattheendpointsbyDDS(basedontheQoS
settings);theapplicationalwayshasthedataitrequireswhenit
requiresit.
DDSoptimises networkusagebyfilteringdataappropriately(ateither
sourceordestination)andonlydeliveringdatawhenandwhereitisneeded.
DDSprovidesanAPItotheprogrammer(whichRTIwrapinlanguage
bindings)toenabledata-centricaccesstoyour
data.
DDSoperatespeer-to-peertogivereal-time
performanceandmeaningthereisnocentralserver.
4/15/19
6
AboutDataCentricityDataCentricityDefinitiona) Theinterfaceis thedata.b) Theinfrastructureunderstandsthatdata.c) Thesystemmanagesthedataandimposes
rulesonhowapplicationsexchangedata.
Application
Application
MessagecentricRemoteObjectsSOAs
Application
Application
Data
Database
Datacentricstorageandsearchingofolddata
Datacentricsharingandfilteringoffuturedata
SELECT * FROM ShapeDataWHERE color=‘RED’ AND shapesize > 10;
cft = create_contentfilteredtopic_with_filter( ”MyFiltered_topic”, ShapeData_topic,”(color MATCH ‘RED’) AND (shapesize > 10)”, … );
Databus
©2019Real-TimeInnovations,Inc..
TheIICLayeredDatabusArchitecturePattern
©2019Real-TimeInnovations,Inc..
4/15/19
7
WhyDDS?
Data-centric
Naturallymodular
Naturallyscalable
Resiliency
Highreliability
Maximumup-time
Performance
Minimumlatency
Maximumthroughput
Fasterdevelopment
SOA-likearchitecture
Codere-use
Standardsbased
Novendorlock-in
Futureproof
©2019Real-TimeInnovations,Inc..
SecuringtheDataonDistributedSystems
©2019Real-TimeInnovations,Inc..
4/15/19
8
DDSDatabus
A B C
AssociatedThreats
(1)(2)
D E F
(3,4)
AuthorisedPublisher Intruder
AuthorisedSubscriber Eavesdropper
TrustedInfrastructure
ServiceMaliciousinsider
• ForDDSbased(distributed)systems,thefourmostrelevantthreatcategoriesare:1. Unauthorised publication2. Unauthorised subscription3. Tamperingandreplay4. Unauthorised accesstodatabyinfrastructureservices
©2019Real-TimeInnovations,Inc..
ApproachestoProtectDDS
• TransportLayerSecurity
• Fine-GrainedDataSecurity
©2019Real-TimeInnovations,Inc..
4/15/19
9
Transport-LevelSecureDataTransfer
DP DP
• CanuseTLSorDTLS•Methodinvolves:
1. Authenticate• Verifyyouridentity
2. Securelyexchangecryptographickeys3. Usekeysto:
• Encryptdata• Addamessageauthenticationcode
©2019Real-TimeInnovations,Inc..
LimitationsofTransport-LevelSecurity
DP DP
• Canbeinefficient:alldataisencryptedandsigned– Applicationdataandmetadata– Regardlessofwhetherconfidentialityand/orintegrityarerequired
• Poorlatencyandjitter:usuallyrunsoverTCP• Notscalable:nomulticastsupport– EvenwithDTLSoverUDP
• Appsareauthenticatedorthey’renot• Noinherentprotectionagainstinsiderthreats– E.g.:authorizedsubscriberbutunauthorizedpublisher
• Accesscontrolhastobedoneatapplicationlevel©2019Real-TimeInnovations,Inc..
4/15/19
10
FinegrainedDDSSecurity
©2019Real-TimeInnovations,Inc..
OMGDDSSecurityStandard
• OMGreleasedtheDDSSecurityspecification(v1.1)inJuly2018• CollaborativelydevelopedbyanumberofDDSvendors• Defines:– DDSSecurityModel– ServicePluginInterface(SPI)Architecture
©2019Real-TimeInnovations,Inc..
4/15/19
11
OMGDDSSecurityStandard
• BasedonOMGDDSSecurityspec• Built-InPlugins– LittletonochangerequiredtoDDSapplications– SecurityisconfiguredthroughXML
• OptionalSDKavailabletocustomizepluginbehavior• Runsoveranytransport– DoesnotrequireTCPorIP– SecureMulticastforscalability,lowlatency
• Completelydecentralized– Highperformanceandscalability– Nosinglepoint-of-failure
DDSCoreLibrary
Authentication
AccessControl
Cryptography
DataTagging
Logging
Application
AnyTransport*(e.g.,TCP,UDP,multicast,
sharedmemory…)
©2019Real-TimeInnovations,Inc..
OMGDDSSecurityStandard
DDSCoreLibrary
Authentication
AccessControl
Cryptography
DataTagging
Logging
Application
AnyTransport*(e.g.,TCP,UDP,multicast,
sharedmemory…)
• TheServicePluginInterface(SPI)Architecturedefinesinterfacesforfiveplugins– Authentication
• Verificationoftheidentityofanapplication– AccessControl
• Allowsenforcementofpolicies(e.g.writeaccesstoatopic)
– Cryptography• Aninterfacetocrytographic functionality
– Logging• AuditingofDDSSecurityrelatedevents
– DataTagging• Enablesaddingtagstodatasamples
©2019Real-TimeInnovations,Inc..
4/15/19
12
Network
Fine-GrainedData-CentricSecurity
ControlAnalysisPressureSensor
State Alarms SetPoint
Operator
• DDSSecurityprovidesfine-grainedsecurityindistributedsystems• Enablesthesecuringofindividualdataflows(topics)• InthesystemshownheretheSetPoint dataitemshouldbesecured– Transportlevelsecurity(TLS)providesonlypartialprotection
Modules/Applications
Data©2019Real-TimeInnovations,Inc..
Network
Fine-GrainedData-CentricSecurity
ControlAnalysisPressureSensor
State Alarms SetPoint
Operator
• DDSSecurityprovidesfine-grainedsecurityindistributedsystems• Enablesthesecuringofindividualdataflows(topics)• InthesystemshownheretheSetPoint dataitemshouldbesecured– Transportlevelsecurity(TLS)providesonlypartialprotection
Data
Modules/Applications
©2019Real-TimeInnovations,Inc..
4/15/19
13
Databus
Fine-GrainedData-CentricSecurity
ControlAnalysisPressureSensor
State Alarms SetPoint
Operator
• DDSSecurityenablesfinegrainedsecurityofaTopic– Forexample,forSetPoint,for
AuthenticationandAccessControl
• Onlyspecificmodules/appswillthenbeabletoaccesstheTopic,e.g.– OperatorcanpublishSetPoint– OperatorcansubscribetoSetpoint– ControlcanpublishSetpoint
•Modules/appswithoutthecorrectsecuritysettingswillnothaveaccess
Data
Modules/Applications
©2019Real-TimeInnovations,Inc..
FineGrainedControltoOptimizePerformance
• DDSSecurityallowsveryfinegrainedcontrolofsecurity– Choosefrom:
• Unsecured(datasentintheclearwithoutasignature)• SignedwithaGaloisMessageAuthenticationCode(GMAC)forintegrity• Encryptedandsigned
– Configurableper:• Domainformetadata(discovery,liveliness)• Topic(wholeRTPSmessageoruserdataonly)
©2019Real-TimeInnovations,Inc..
4/15/19
14
TransportSecurityvsDDSSecurity
DW DTLS
DR
DR
DR
UDP
DW DDSSecurity
DR
DR
DR
UDP
DW DDSSecurity
DR
DR
DR
UDP
DTLS/Unicast
DDSSecurity/Unicast
DDSSecurity/Multicast
©2019Real-TimeInnovations,Inc..
Performance
01020304050607080
NoSecurity RTPSSign RTPSSign+DataEncrypt
RTPSSign+SubmessageEncrypt
RTPSSign+Submessage+DataEncrypt
LatencyinM
icrosecond
s
020000400006000080000100000120000140000
NoSecurity RTPSSign RTPSSign+DataEncrypt
RTPSSign+SubmessageEncrypt
RTPSSign+Submessage+DataEncrypt
SamplesPerSecon
d
Latencyfor1024ByteSamples
Throughputfor32bytesamplesin8Kbatches
• DDSSecurityprovidesanenvironmentforhighperformancesecuritythrough:– Fine-grainedsecurityselectionsthatmatchyourrequirements– Apluggablearchitecturetoallowuseofyourowncustomised algorithms(h/wors/w)– Supportforsecurityovermulticast
©2019Real-TimeInnovations,Inc..
4/15/19
15
Conclusions• DDSisamaturestandardfromOMG– Focusesonefficientdata-distributionforreal-timeandhigh-performancesystems– MandatedandDeployedworldwideinMilitarysystemsandotherdemandingreal-time
applications– Platformneutral,withaPortableAPIandInteroperableWireProtocol– HighlyTunableviaQualityofService(QoS)
• DDSisextendedwithaOMGmanagedspecificationforSecurity– Granulardatasecurity– Pluggablearchitectureforcustomizedprotocols– Runsoveranytransport– Optimises networkusagewithsupportforsecurityovermulticast
©2019Real-TimeInnovations,Inc..
ThankYou