Security

in

Linxter has security built in at many layers. The SDK database uses encryption, the service calls from the SDK use Username Token authentication and authorization, message transfers are encrypted using SSL, and the ISB back-end services run under secure middle tier identities and do not impersonate the caller identity.

SDK Database Security

The SDK database is encrypted so that settings used by the SDK cannot be changed directly or compromised by end users. The encryption is based on a password that needs to be used as part of the connection string for the database.

Service Call Security

Calls from the SDK to the ISB back-end services use WS-Security protocols to authenticate the messages. A special SDK user identity is contained by the SDK database and is used to authenticate the calls to the back-end services. To protect the data while in transit, the Linxter SDK utilizes SSL for end-to-end encryption. The services include authorization attributes to restrict incoming calls to only the specific known identities in the system.

Service Security

The ISB back-end services run in server processes secured with discrete middle tier identities, and only those identities are used to authenticate and authorize access to the databases that sit behind the services.