ros2 / sros2

tools to generate and distribute keys for SROS 2
Apache License 2.0

Expose secure communication only with specified entities. #326

Open fujitatomoya opened 6 hours ago

fujitatomoya commented 6 hours ago

I do not think this is a bug for sros2; it is more of a question about a practical configuration to support a 3rd-party device with security enclaves.

System Information

Required Info:

Overview

image

Requirement

fujitatomoya commented 6 hours ago

IMO, once the node is bound to the security enclaves, that should be protected by a secured network, which means all the other nodes need to be bound to the security enclaves as well. Otherwise, they cannot discover the participant at all.

I can think of the ROS 2 router (https://docs.vulcanexus.org/en/latest/rst/tutorials/cloud/secure_router/secure_router.html); could that be the solution for this? This is gonna be an extra routing process to bridge localhost communication in the robot and secured communication outside of the robot. But I would like to get feedback from the community on how people are dealing with this kind of situation to support a 3rd-party device with secured communication.

ros-discourse commented 6 hours ago

This issue has been mentioned on ROS Discourse. There might be relevant details there:

https://discourse.ros.org/t/expose-secure-communication-only-with-specified-entities/40957/1