Security and Privacy

Token Based Authentication

Our web UIs and the following agents and profiles uses token based authentication:

• https://infozone.atlassian.net/wiki/spaces/UEPE5D/pages/432456262

• https://infozone.atlassian.net/wiki/spaces/UEPE5D/pages/432443512

• https://infozone.atlassian.net/wiki/spaces/UEPE5D/pages/432468203

Role Based Access Control

See https://infozone.atlassian.net/wiki/spaces/UEPE5D/pages/432515311 for more information.

OIDC Identity Provider

Access control to OIDC authenticated applications is integrated in role model, see https://infozone.atlassian.net/wiki/spaces/UEPE5D/pages/432516771 for more information.

Encryption at Rest

See https://infozone.atlassian.net/wiki/spaces/UEPE5D/pages/432521191 for more information.

Encryption at Transit

The following agents and profiles use TLS:

• https://infozone.atlassian.net/wiki/spaces/UEPE5D/pages/432450969

• https://infozone.atlassian.net/wiki/spaces/UEPE5D/pages/432452300

• https://infozone.atlassian.net/wiki/spaces/UEPE5D/pages/432454393

• https://infozone.atlassian.net/wiki/spaces/UEPE5D/pages/432456262

• https://infozone.atlassian.net/wiki/spaces/UEPE5D/pages/432456125

• https://infozone.atlassian.net/wiki/spaces/UEPE5D/pages/432458680

• https://infozone.atlassian.net/wiki/spaces/UEPE5D/pages/432465469

• https://infozone.atlassian.net/wiki/spaces/UEPE5D/pages/432444606

• https://infozone.atlassian.net/wiki/spaces/UEPE5D/pages/432446020

and the system interfaces use HTTPS and TLS.

Immutable images

Usage Engine is delivered as docker images that are being scanned for any potential CVEs before being made available for download.

Automated certificate management

Use of cert-manager is recommended for deployment in private cloud or AWS, but can be disabled if needed.

See https://infozone.atlassian.net/wiki/spaces/UEPE5D/pages/432511931 , https://infozone.atlassian.net/wiki/spaces/UEPE5D/pages/432512167 for more information.