[ros-users] [Discourse.ros.org] [Next Generation ROS] Non-DD…

Forside
Dette indlæg hører under følgende tråd:
MDet komplette tråd-træ sorteret efter dato
Mgerkey via ros-users den <-
MTodd Malsbary via ros-users den ->
Vedhæftede filer:
Indlæg som e-mail
+ (text/plain)
Slet denne besked
Besvar denne besked
Skribent: ruffsl via ros-users
Dato:  
Til: ros-users
CC: ruffsl
Emne: [ros-users] [Discourse.ros.org] [Next Generation ROS] Non-DDS-based RMW implementation




[quote="GregBurns, post:5, topic:5890"]

Built-in security messages are authenticates and encrypted end-to-end (node-to-node)

[/quote]



I went reading through the DPS docs and was concerned that the security section made no mention of a access control (like with DDS's specification):



https://intel.github.io/dps-for-iot/security.html



I then spotted a brief subsection in the tutorials page about adding support for access control by interjecting custom policy functionality that could operate on the context of the connection, be it subscription, publication or acknowledgement control:



https://intel.github.io/dps-for-iot/tutorials-security.html#adding-access-control



While that seems like a good start, I'd like to see a default plugin that could be shared among client libraries to maintain interoperability. I fear leaving everyone to writing their own Policy Enforcement Point (PEP) and/or Policy Decision Point (PDP) could lead to inconsistencies in interpretation and enforcement of access control implementations.



<details>

Also looks like policy to enforce would then reside within the local participant, and not necessarily originate from the remote subject unless some additional handshaking exchange is introduced. This would otherwise require distributing policy updates to the entire IoT network rather then just to the participant/subjects affected. Perhaps the policies could be bound to subjects via extensions to the signed certs when using DTLS with certificates, though I'm not sure I'd recommend that approach.











---

[Visit Topic](https://discourse.ros.org/t/non-dds-based-rmw-implementation/5890/7) or reply to this email to respond.







If you do not want to receive messages from ros-users please use the unsubscribe link below. If you use the one above, you will stop all of ros-users from receiving updates.
______________________________________________________________________________
ros-users mailing list

http://lists.ros.org/mailman/listinfo/ros-users
Unsubscribe: <http://lists.ros.org/mailman//options/ros-users>

Dette indlæg blev indsendt til følgende postlister:
ros-users
Postlisteoplysninger | Naboindlæg		<-[ros-users] [Discourse.ros.org] [Next Generation ROS] Non-DDS-based RMW implementation[ros-users] [Discourse.ros.org] [Quality Assurance] ROS Quality Assurance Working Group August 2018 Meeting Notes->
lists.ros.org list archives administreres af ros.orgLurker (version 2.3)