logo SBA

ETD

Archivio digitale delle tesi discusse presso l’Università di Pisa

Tesi etd-05292009-125534


Tipo di tesi
Tesi di laurea specialistica
Autore
CASSANO, LUCA MARIA
URN
etd-05292009-125534
Titolo
Servizi di Sicurezza per Sistemi Publish/Subscribe Applicati a Reti Subacquee
Dipartimento
INGEGNERIA
Corso di studi
INGEGNERIA INFORMATICA
Relatori
Relatore Dini, Gianluca
Relatore Dott. Bechini, Alessio
Parole chiave
  • Anti-Replay
  • Authentication
  • Confidentiality
  • Integrity
  • Intrusion detection
  • Publish/Subscribe
  • Security
  • Underwater Acoustic Network
Data inizio appello
09/07/2009
Consultabilità
Non consultabile
Data di rilascio
09/07/2049
Riassunto
Many of the existing Publish/Subscribe systems only provide communication functionalities without giving security guarantees to applications that use these features.
The negative effects of this lack of security is exacerbated if the application context in which the system is working is a critical infrastructure such as production offshore (oil rigs or installations of kinetic energy recovery of the waves are only two examples) and if equally critical are the applications that use the communications services offered by the middleware (eg monitoring and control systems or anti-intrusion systems).
It is therefore necessary that in such contexts, the communication infrastructure can provide strong guarantees of security and reliability to the applications.
This thesis extends a particular Publish/Subscribe system, MOOS (Mission Oriented Operating Suite), adding security services that increase the level of reliability and robustness that the system can offer to applications in order to use the system in underwater acoustic networks.
Adding to MOOS a component called Security Manager makes the system able to offer confidentiality at packet and message level, integrity check, anti-replay, intrusion detection and authentication of the client.
What has been achieved is a suite of security features, called Secure-MOOS, completely modular, easily configurable through parameters entered in an appropriate configuration file and characterized by the fact that every function is activated regardless of the other so that the system can offer to each application, the configuration that will best meet its security requirements.
Given the criticality of the applications and the context for which Secure-MOOS was designed, and given the limited bandwidth of submarine physical transmission channel, great attention has been paid in introducing delays in communications and in increasing the size of the packets.
File