Connext DDS Secure
Secure Messaging for Intelligent Machines
Connext DDS Secure provides the world's first standards-compliant, off-the-shelf messaging platform that delivers the security, performance and safety required for deployment of the Industrial Internet of Things. It complies with the new Data Distribution Service (DDS) Security specification from the Object Management Group (OMG).
Two-Minute Topic: Connext DDS Secure
Features and Benefits:
- Provides authentication, authorization, non-repudiation, confidentiality and integrity
- Protects discovery information, metadata and data
- Defends against unauthorized access, tampering and replay
- Operates without centralized servers for high performance, scalability and availability
- Runs over any transport including TCP, UDP, multicast and shared memory
- Integrates with existing security infrastructures and hardware acceleration
- Secures unmodified existing DDS applications
Securing critical infrastructure is essential for safety and economic reasons. And it must be pursued without sacrificing performance or reliability. The machines that make up medical, energy, manufacturing, transportation and defense systems must perform at the speed of the physical-world processes they manage. Even brief unplanned outages can be disastrous.
Connext DDS Secure introduces a robust set of security capabilities to the Connext DDS Professional package. These include authentication, encryption, access control and logging. Secure multicast support enables efficient and scalable distribution of data to many subscribers. Performance is also optimized by fine-grain control over the level of security applied to each data flow, such as whether encryption or just message authentication is required.
An optional SDK allows implementation of custom security plugins. These can be used to integrate with existing authentication infrastructures, support additional encryption algorithms or leverage hardware acceleration. The Plugin SDK includes source code to the standard RTI plugins as an example.
Security is implemented above the transport layer and does not require a secure transport protocol such as TLS/SSL or DTLS. Any Connext DDS transport can be used securely, including UDP, TCP and shared memory. Support for UDP multicast (both reliable and best effort) enables very efficient data distribution when there are many subscribers to the same data.
Only data that must be private has to incur the overhead of encryption and decryption. This is much more efficient than TLS and other transport-layer security approaches that encrypt all data. For example, it is not necessary to encrypt the observable data reported by a weather station used to forecast power demand; the data only has to be signed with a Message Authentication Code (MAC) to prevent malicious manipulation.
Connext DDS Secure complies with the Data Distribution Service (DDS) Security specification from the Object Management Group (OMG). This provides interoperability with other compliant DDS implementation, as well as portability of custom plugins.
To request an evaluation version of Connext DDS Secure please register for Connext DDS Professional. A sales representative will contact you.