|
|
Communication model using Data distribution service and communication security assessment
Frollo, Martin ; Fujdiak, Radek (oponent) ; Pokorný, Jiří (vedoucí práce)
The diploma thesis is focusing on middleware layer in distributed systems. It introduces typically used communication protocols and standards operating on this layer. In theoretical part it brings closer look at OMG DDS specification. This part contains fundamental functionalities of this specification along with its architecture blocks. Thesis also describes the RTPS protocol functionality. Existing implementations of OMG DDS standard are described at the end of theoretical part. OpenDDS 3.13 implementation is used in practical part of thesis. It is deployed and tested on various platforms. Next part verifies option of securing RTPS data stream using beta version of OMG DDS Security, which OpenDDS 3.13 implementation contains. Secured and unsecured data flows are being compared. Latency of data stream is also important, especially in distributed systems. DDS system, which measures latency of RTPS stream is created in practical part. Latency of this DDS system can be measured in various configurations. Difference of devices’ performance used in measurements can be clearly seen in latency results where the size of data samples is increasing. Differences of measured latency are also recognizable between reliable and unreliable and secure and unsecure RTPS stream. Part of measurements is made between 2 physical devices with and without an attacker. Type of attack is MITM and it captures RTPS flow, which does not belong to attacking machine.
|
|
|
Cyber-security in systems of publish-subscribe type
Detko, Adam ; Blažek, Petr (oponent) ; Pokorný, Jiří (vedoucí práce)
This thesis deals with data distribution service and is divided into three parts. The first part of this thesis focuses on theoretical knowledge of data distribution service. This section gradually introduces the model used in data distribution service, quality of service and the RTPS protocol, which was specially developed for the needs of data distribution service. The most comprehensive part of the theoretical part deals with security in data distribution service. At the end of the first part of this thesis, selected impelementations of data distribution service are introduced. The second part of this thesis deals with practical use of data distribution service, while OpenDDS implementation is chosen for the practical part. This part initially deals with the design of basic communication scenarios, followed by the design of complex communication scenarios. In the next chapters, within the practical part, the thesis is focused on verifyng security of the data distribution service selected implementation, design of security incidents and their subsequent simulation. Content of the final part of this thesis is the introduction of a tool designed for this thesis, which is used to implement selected types of attacks.
|
|
|
Implementation of OMG/DDS model and communication analysis
Bučko, Kristián ; Fujdiak, Radek (oponent) ; Pokorný, Jiří (vedoucí práce)
In bachelor´s thesis there is an introduction of OMG DDS specification, theoretical comparison of three most widespread implementations OpenDDS, Vortex Opensplice and RTI Connext, too. Important differences between data-focused publish-subscribe and object-focused client-server (e.g. CORBA) communication are also described in the thesis, as well as the usefulness of these two types in real-time systems. Implementation of RTI Connext is practically demonstrated on various types in scenarios of unsecured and secured communication where the communications themselves are caught in wireshark. The safety is evaluated in captured transfers. The publisher and subscriber codes were adjusted according to a need of measurement by which a communication latency between various sizes of a message is analyzed. A script in Python programming language was created for processing of timestamps and averaging values. A complete comparison of these scenarios and their graphical visual display are done in the end.
|
|
| |
|
| |
|
|
Cyber-security in systems of publish-subscribe type
Detko, Adam ; Blažek, Petr (oponent) ; Pokorný, Jiří (vedoucí práce)
This thesis deals with data distribution service and is divided into three parts. The first part of this thesis focuses on theoretical knowledge of data distribution service. This section gradually introduces the model used in data distribution service, quality of service and the RTPS protocol, which was specially developed for the needs of data distribution service. The most comprehensive part of the theoretical part deals with security in data distribution service. At the end of the first part of this thesis, selected impelementations of data distribution service are introduced. The second part of this thesis deals with practical use of data distribution service, while OpenDDS implementation is chosen for the practical part. This part initially deals with the design of basic communication scenarios, followed by the design of complex communication scenarios. In the next chapters, within the practical part, the thesis is focused on verifyng security of the data distribution service selected implementation, design of security incidents and their subsequent simulation. Content of the final part of this thesis is the introduction of a tool designed for this thesis, which is used to implement selected types of attacks.
|
|
|
Implementation of OMG/DDS model and communication analysis
Bučko, Kristián ; Fujdiak, Radek (oponent) ; Pokorný, Jiří (vedoucí práce)
In bachelor´s thesis there is an introduction of OMG DDS specification, theoretical comparison of three most widespread implementations OpenDDS, Vortex Opensplice and RTI Connext, too. Important differences between data-focused publish-subscribe and object-focused client-server (e.g. CORBA) communication are also described in the thesis, as well as the usefulness of these two types in real-time systems. Implementation of RTI Connext is practically demonstrated on various types in scenarios of unsecured and secured communication where the communications themselves are caught in wireshark. The safety is evaluated in captured transfers. The publisher and subscriber codes were adjusted according to a need of measurement by which a communication latency between various sizes of a message is analyzed. A script in Python programming language was created for processing of timestamps and averaging values. A complete comparison of these scenarios and their graphical visual display are done in the end.
|
|
|
Communication model using Data distribution service and communication security assessment
Frollo, Martin ; Fujdiak, Radek (oponent) ; Pokorný, Jiří (vedoucí práce)
The diploma thesis is focusing on middleware layer in distributed systems. It introduces typically used communication protocols and standards operating on this layer. In theoretical part it brings closer look at OMG DDS specification. This part contains fundamental functionalities of this specification along with its architecture blocks. Thesis also describes the RTPS protocol functionality. Existing implementations of OMG DDS standard are described at the end of theoretical part. OpenDDS 3.13 implementation is used in practical part of thesis. It is deployed and tested on various platforms. Next part verifies option of securing RTPS data stream using beta version of OMG DDS Security, which OpenDDS 3.13 implementation contains. Secured and unsecured data flows are being compared. Latency of data stream is also important, especially in distributed systems. DDS system, which measures latency of RTPS stream is created in practical part. Latency of this DDS system can be measured in various configurations. Difference of devices’ performance used in measurements can be clearly seen in latency results where the size of data samples is increasing. Differences of measured latency are also recognizable between reliable and unreliable and secure and unsecure RTPS stream. Part of measurements is made between 2 physical devices with and without an attacker. Type of attack is MITM and it captures RTPS flow, which does not belong to attacking machine.
|
host ::
RSS.