Security Functionality

MediationZone can be configured to use secure and authenticated communication between the different, distributed parts of the system.

X.509 certificates are used to ensure the authenticity of the client and the server, and TLS is used to encrypt the information passed between them.

All communication between the Access, Control, and Execution Zones can be configured in this manner. Additionally, the communication between the different services in the Control Zone can also be configured to use this capability.

MediationZone also supports encryption of all or a selection of configuration items. Encrypted configurations can be executed according to the access control profile of the user, but can never be read or modified without the password that was supplied at the time of encryption. This mechanism is useful for enforcing Intellectual Property Rights (IPR) protection, and for making sure that an end user cannot read or modify an approved and tested configuration. Encrypted configurations cannot be viewed after a System Export operation.