DDS-SECURITY 1.1 RTF Avatar
  1. OMG Issue

DDSSEC11 — Add the concept of "data origin authentication" and clarify what DDS-Security provides

  • Key: DDSSEC11-115
  • Status: closed  
  • Source: Real-Time Innovations ( Dr. Gerardo Pardo-Castellote, Ph.D.)
  • Summary:

    Section 4 of the spec (Terms and Definitions) should be expanded to include these additional definitions.

    Data Integrity
    Assurance that data has not been altered since creation time.

    Data Origin Authentication
    A mechanism providing assurance that a party is corroborated as the source of specified data (it includes data integrity).

    Message Authentication
    An alternative term for Data Origin Authentication.

    Section 7.1 says that Securing DDS means providing "Non-repudiation of data" instead it should say "data-origin authentication"

  • Reported: DDS-SECURITY 1.0 — Wed, 12 Jul 2017 22:06 GMT
  • Disposition: Resolved — DDS-SECURITY 1.1
  • Disposition Summary:

    Clarify Data Origin Authentication versus Non-Repudiation

    In Section 4 (Terms and Definitions) add definitions for: Data Integrity, Data Origin Authentication, and Message Origin Authentication.

    In Section 7.1 (Security Model) list also Message-origin and Data-origin authentication. Indicate that Non-repudiation may be optional.

    In Section 9.2 (Requirements and Priorities (Non-Normative)) change "Message integrity and authentication" to "Message integrity and data-origin authentication"

  • Updated: Tue, 19 Dec 2017 20:03 GMT