Child pages
  • Confidentiality

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Excerpt

Informatiom about the Bitrepository confidentiality considerations

Confidentiality 

Confidentiality is general security goal where content is protected from third party exposure.
There should be no point or circumstances where content can be intercepted or acquired by a third party – in a form where the content can be interpreted or transformed into an interpretable form.

A simple way of doing this is to encrypt files before they enter the Bit Repository, and keep all data encrypted all the way until it reenters a secure client context.
In practice this means that the client handles all confidentiality issues.

Message confidentiality 

Message confidentiality may be ensured by encrypting the message xml bodies using a SLA/organisation specific PKI. Furthermore, messages are SSL-encrypted during network transfers between client and message broker and between broker and piller (using the common national bit repository PKI).

Data transport confidentiality

Data confidentiality during transport may be ensured using the SLA/organisation specific PKI. If the body operating the pillar is not trusted, the files themselves must be encrypted before submitted to the Bit repository infrastructure, ie. on the client side


Under construction, see BITMAG-142@jira

...