Design And Implementation Of Secure Publish And Subscribe System Based On DDS

With the rapid development of computer communication,Io T technology has gradually played an increasingly important role in people's daily life.It has been glowing and heating in many fields such as unmanned driving,intelligent industry,smart city and so on.Data distribution service(DDS)standard with publish subscription architecture is being applied by more and more Io T solutions because of its good real-time and flexibility.Therefore,the security of data distribution service has become the focus of industry and academia.DDS model stores the data in a global space.This centralized management brings challenges to the security of data storage,which makes the system not only face the risk of system collapse caused by a single point of failure,but also allow attackers to tamper with the data.In addition,the data in ordinary publish subscribe system is transmitted in plaintext,which is very insecure in some highly confidential environment.Once some sensitive data is leaked,it may bring huge losses.Moreover,data distribution service publish subscribe system can't provide the protection of users ' identity privacy.It's not only that some sensitive users don't want to expose their identity in the process of using the system,but also that they can't disclose the relevant information of the source side in some scenarios.Therefore,it's of great practical value to develop a secure publish subscribe system with the function of identity privacy protection.To sum up,there are three kinds of risks in the current data distribution service publish subscribe system: data storage security risk,message privacy risk and user identity privacy risk.Taking advantage of the characteristics of blockchain,such as decentralization,tamper prevention,anonymity and smart contract,this paper proposes corresponding solutions to the above three risks in turn,and finally completes the design and implementation of a secure publish subscribe system based on data distribution service.The main work and innovation achievements of this paper include:(1)This thesis proposes a design scheme of publish subscribe system based on blockchain storage.This scheme can solve the problem that malicious attackers try to tamper with the data in the system.At the same time,because of its decentralized and distributed structure,it can also avoid the avalanche problem caused by a single point of failure.(2)The paper proposes a scheme of providing the security protection of identity privacy for the system by using ring signature algorithm.Through the protection of ring signature algorithm,attackers can not get the source of the message by intercepting the message,and achieve the purpose of hiding the address and identity of the message publisher.(3)The design scheme of realizing DDS data domain in the system is proposed,which provides users with fine-grained access to data.Using the data sub domain design in DDS standard,the security problems brought by data transmission in blockchain are solved by using the bifurcation technology in blockchain,which makes the system have better data transmission security.The main innovations of this article are divided into the following two points:(1)Combine blockchain technology with publish-subscribe technology,and use the features of blockchain technology such as non-tamperability,decentralization,and anonymity to solve the security problem of data tampering and single point of failure in the publish-subscribe system.(2)Use the bifurcation technology in the blockchain to realize the division of DDS data and apply it to the system design of this article to realize the fine-grained access to the data in the system and solve the security problem of the data in the transmission process.Finally,this article provides a complete back-end and front-end code implementation for the system design,provides a friendly visual interface and interactive interface,and tests the system's underlying network,application functions,and security performance.