University of Twente Student Theses


DDS in a Zero Trust Cloud Native Environment in the Naval Domain

Rengers, J.J. (2022) DDS in a Zero Trust Cloud Native Environment in the Naval Domain.

[img] PDF
Abstract:The Data Distribution Service (DDS) is a middleware service that implements a publish-subscribe pattern. A novel approach in naval domain is the transition towards a cloud-native environment to build scalable, resilient, and flexible systems. Another requirement for ICS systems that is becoming more important is security. The problem however is that the DDS was not designed with security and flexibility in mind. This research investigates how the DDS can be deployed securely on a zero-trust network using cloud-native technologies. Two solutions are proposed. Solution one is based on the DDS Security standard that implements security on the application layer. Solution 2 is based on node-to-node encrypted tunnels, implementing security on the transport layer. Both designs were proposed based on the initial requirements and an analysis on the threats that a cloud-native DDS implementation can face on a zero-trust network. To analyse the performance of both solutions, the round-trip time and throughput were measured under different situations. The experiments show that there is no significant difference in the performance of both solutions. This leads to the conclusion that solution 1 should be favourable because it is aware of the DDS entities and can therefore offer more granular security.
Item Type:Essay (Master)
Thales NL, Hengelo, The Netherlands
Faculty:EEMCS: Electrical Engineering, Mathematics and Computer Science
Subject:54 computer science
Programme:Computer Science MSc (60300)
Link to this item:
Export this item as:BibTeX
HTML Citation
Reference Manager


Repository Staff Only: item control page