1. OMG Issue

DDSSEC12 — Provide mechanism for changing the session keys associated with the different DDS Entitites

  • Key: DDSSEC12-122
  • Status: closed  
  • Source: Real-Time Innovations ( Dr. Gerardo Pardo-Castellote, Ph.D.)
  • Summary:

    The builtin plugins create session keys for multiple DDS entities (DomainParticipant, DataWriter, DataReader) and share those with the matched Entities that successfully authenticate and have the proper authorization. The session key(s) are used to protect the messages sent by the entity using encryption and/or message-authentication codes.

    Importantly the same key (e.g. a DataWriter key) may be shared with multiple matched DataReaders.

    There are situations where an Entity may need to change is Session Key. E.g. if it has been used to encode too many messages, or if there is a need to "revoke" access for one or more existing matched Endpoints.

    The specification should provide and describe the mechanism that implementations may use to change session Keys such that they are able to interoperate across vendors.

  • Reported: DDS-SECURITY 1.1b1 — Wed, 25 Oct 2023 04:58 GMT
  • Disposition: Resolved — DDS-SECURITY 1.2
  • Disposition Summary:

    Add a mechanism to change session keys

    Provide a mechanism to change session keys and send the modified keys to the authenticated authorized Participants

  • Updated: Mon, 17 Jun 2024 13:36 GMT
  • Attachments: