Note: The following is an excerpt from the actual document. It is provided here as a convenience and is not authoritative. Refer to the original document as the authoritative reference.
Overview of this Specification
This specification defines the Security Model and Service Plugin Interface (SPI) architecture for
compliant DDS implementations. The DDS Security Model is enforced by the invocation of these SPIs
by the DDS implementation. This specification also defines a set of builtin implementations of these
SPIs.
The specified builtin SPI implementations enable out-of-the box security and interoperability
between compliant DDS applications.
The use of SPIs allows DDS users to customize the behavior and technologies that the DDS
implementations use for Information Assurance, specifically customization of Authentication,
Access Control, Encryption, Message Authentication, Digital Signing, Logging and Data
Tagging.
This specification defines five SPIs that when combined together provide Information Assurance to
DDS systems:
Authentication Service Plugin. Provides the means to verify the identity of the application
and/or user that invokes operations on DDS. Includes facilities to perform mutual
authentication between participants and establish a shared secret.
AccessControl Service Plugin. Provides the means to enforce policy decisions on what DDS
related operations an authenticated user can perform. For example, which domains it can join,
which Topics it can publish or subscribe to, etc.
Cryptographic Service Plugin. Implements (or interfaces with libraries that implement) all
cryptographic operations including encryption, decryption, hashing, digital signatures, etc. This
includes the means to derive keys from a shared secret.
Logging Service Plugin. Supports auditing of all DDS security-relevant events.
Data Tagging Service Plugin. Provides a way to add tags to data samples.
dido/public/ra/xapend/xapend.b_stds/tech/omg/dds_security.txt · Last modified: 2021/08/13 16:25 by murphy