Date of Award
3-2022
Document Type
Thesis
Degree Name
Master of Science
Department
Department of Electrical and Computer Engineering
First Advisor
Richard Dill, PhD
Abstract
The military deploys many IoT in battlefield operations to provide information on terrain and enemy combatants. It also deploys automated robots or UAVs where securing and trusting collected data is essential. Choosing the middleware that handles this message transfer is crucial for real-time operations. Networks with multiple entities, including IoT devices, UAVs, and small computers, require robust middleware facilitating message sending in real-time. Ideally, the middleware would provide QoS to handle lost packets and retransmissions in lossy environments, especially between low-power machines. DDS is a middleware that implements real-time and QoS capabilities by sending messages, not based on endpoints but topics. However, DDS nodes are susceptible to impersonation attacks, which compromise integrity and trust. To mitigate these attacks, DDS-C is developed as a security layer that integrates with DDS by using Kerberos tickets to identify and authenticate valid DDS nodes. This thesis evaluates DDS-C performance, determining if authentication overhead impedes DDS operations by using ROS 2 and Cyclone DDS as testbeds. Additionally, DDS-C is integrated into a commercial network AI provided by Bright Apps as a real-world use case. The results of this research conclude that DDS-C does not impact DDS operations to any significant degree. The added security and minimal middleware impact could help the military ensure node integrity in operational missions.
AFIT Designator
AFIT-ENG-MS-22-M-052
DTIC Accession Number
AD1166912
Recommended Citation
Park, Andrew T., "DDS-Cerberus: Improving Security in DDS Middleware Using Kerberos Tickets" (2022). Theses and Dissertations. 5326.
https://scholar.afit.edu/etd/5326