原文传递
DDS-Cerberus: Improving Security in DDS Middleware Using Kerberos Tickets.
| 题名: | DDS-Cerberus: Improving Security in DDS Middleware Using Kerberos Tickets. |
| 作者: | Park, A. T. |
| 摘要: | The military deploys many Internet of Things (IoT) in battlefield operations toprovide information on terrain and enemy combatants. It also deploys automatedrobots or unmanned aerial vehicles (UAVs) where securing and trusting collecteddata is essential. Choosing the middleware that handles this message transfer iscrucial for real-time operations. Networks with multiple entities, including IoT de-vices, UAVs, and small computers, require robust middleware facilitating messagesending in real-time. Ideally, the middleware would provide Quality of Service (QoS)to handle lost packets and retransmissions in lossy environments, especially betweenlow-power machines. Data Distribution Service (DDS) is a middleware that imple-ments real-time and QoS capabilities by sending messages, not based on endpointsbut topics. However, DDS nodes are susceptible to impersonation attacks, whichcompromise integrity and trust. To mitigate these attacks, DDS-Cerberus (DDS-C)is developed as a security layer that integrates with DDS by using Kerberos ticketsto identify and authenticate valid DDS nodes. This thesis evaluates DDS-C per-formance, determining if authentication overhead impedes DDS operations by usingRobot Operating System 2 (ROS 2) and Cyclone DDS as testbeds. Additionally,DDS-C is integrated into a commercial network artificial intelligence (AI) providedby Bright Apps as a real-world use case. The results of this research conclude thatDDS-C does not impact DDS operations to any significant degree. The added secu-rity and minimal middleware impact could help the military ensure node integrity inoperational missions. |
| 总页数: | 86 pages |
相关文献
检索历史
应用推荐
