University of Twente Student Theses
DDS in a Zero Trust Cloud Native Environment in the Naval Domain
Rengers, J.J. (2022) DDS in a Zero Trust Cloud Native Environment in the Naval Domain.
|
PDF
3MB |
| Abstract: | The Data Distribution Service (DDS) is a middleware service that implements a publish-subscribe pattern. A novel approach in naval domain is the transition towards a cloud-native environment to build scalable, resilient, and flexible systems. Another requirement for ICS systems that is becoming more important is security. The problem however is that the DDS was not designed with security and flexibility in mind. This research investigates how the DDS can be deployed securely on a zero-trust network using cloud-native technologies. Two solutions are proposed. Solution one is based on the DDS Security standard that implements security on the application layer. Solution 2 is based on node-to-node encrypted tunnels, implementing security on the transport layer. Both designs were proposed based on the initial requirements and an analysis on the threats that a cloud-native DDS implementation can face on a zero-trust network. To analyse the performance of both solutions, the round-trip time and throughput were measured under different situations. The experiments show that there is no significant difference in the performance of both solutions. This leads to the conclusion that solution 1 should be favourable because it is aware of the DDS entities and can therefore offer more granular security. |
| Item Type: | Essay (Master) |
| Clients: | Thales NL, Hengelo, The Netherlands |
| Faculty: | EEMCS: Electrical Engineering, Mathematics and Computer Science |
| Subject: | 54 computer science |
| Programme: | Computer Science MSc (60300) |
| Link to this item: | https://purl.utwente.nl/essays/93639 |
| Export this item as: | BibTeX EndNote HTML Citation Reference Manager |
Show download statistics for this publication
Show download statistics for this publicationRepository Staff Only: item control page