RTI's Real-Time Messaging Middleware Integrated with Security-Enhanced Linux

Combination provides end-to-end information assurance in high-performance distributed computing environments

The peer-to-peer messaging architecture of RTI Data Distribution Service is particularly well-suited to take advantage of SELinux security type-enforcement capabilities.
The peer-to-peer messaging architecture of RTI Data Distribution Service is particularly well-suited to take advantage of SELinux security type-enforcement capabilities.

Real-Time Innovations (RTI), The Real-Time Middleware Experts, today announced that RTI Data Distribution Service, its real-time messaging middleware, has been integrated with Security-Enhanced Linux (SELinux). This combination provides real-time and high-performance distributed applications with the ability to securely distribute data by combining RTI’s high-performance network communications with the extremely flexible Mandatory Access Control (MAC) facilities of SELinux.

RTI Data Distribution Service allows distributed applications to securely exchange messages and data by authenticating peers and encrypting information that is sent over the network. The MAC capabilities of SELinux add several additional levels of protection against mis-configuration, software errors and application vulnerabilities:

* System-wide security policies control which applications are allowed to communicate with each other. Even applications with the appropriate credentials and keys can communicate only if explicitly provisioned to do so.

* Files containing keys, configuration information and logs are protected from unauthorized access.

The integration was developed in partnership with Tresys Technology, a recognized leader in SELinux and security services. Tresys heavily contributes to, and hosts, the userspace repository for SELinux.

The use of RTI Data Distribution Service with SELinux allows high-performance distributed systems to meet stringent government and commercial security standards, including DCID 6/3 PL4, DoD 8500.2, NIST 800-53, PCI, SOX and HIPPA. The SELinux security type enforcement introduces a small increase in latency of roughly two percent regardless of message size. For details and performance benchmarks, a whitepaper can be downloaded from www.rti.com/mk/securing-rti-dds-selinux.html.

“RTI Data Distribution Service and SELinux are well suited because of RTI’s peer-to-peer messaging architecture,” said Karl MacMillan, director of Core Technology at Tresys. “RTI’s infrastructure is completely embedded within communicating applications, without separate processes such as message brokers or servers and as a result, SELinux is able to fully control all communication. Most other messaging implementations depend on shared processes, which introduce security vulnerabilities and significantly complicate security management.”


RTI Data Distribution Service and a reference SELinux security policy are available today from RTI.

About RTI Data Distribution Service

RTI Data Distribution Service is a high-performance messaging, data distribution and data caching infrastructure for the development and integration of real-time, net-centric applications. It meets the demanding requirements of mission-critical systems including deterministic performance; low latency; high throughput; full fault tolerance; the ability to run in ad hoc and autonomous environments; and support for unreliable or low-bandwidth networks such as wireless and satellite links. A loosely coupled integration approach significantly reduces long-term software maintenance costs by allowing individual subsystems to be added or upgraded without impacting existing software.

RTI Data Distribution Service provides application programming interfaces that comply with the Object Management Group (OMG) Data Distribution Service for Real-Time Systems (DDS) specification, the leading standard for high-performance real-time application integration. RTI also natively supports the Real-Time Publish-Subscribe (RTPS) wire protocol for peer-to-peer interoperability with other RTPS-compliant DDS implementations.

About RTI

Real-Time Innovations (RTI) provides high-performance infrastructure solutions for the development, deployment and integration of real time, data-driven applications. RTI’s messaging, caching and Complex Event Processing (CEP) capabilities deliver dramatic improvements in latency, throughput and scalability while slashing cost of ownership. The company’s software and design expertise have been leveraged in a broad range of industries including defense, intelligence, simulation, industrial control, transportation, finance, medical and communications. Founded in 1991, RTI is privately held and headquartered in Sunnyvale, CA. For more information, please visit www.rti.com.