StreamBase provides several choices for organizations that need to control access to data and functions when they deploy StreamBase applications. The first two security methods are mutually incompatible — you can configure only one of them for any one StreamBase Server instance. The third method can be used by itself or in combination with the other security options:
- StreamBase proxy server-based security
-
This option offers a high level of security. It can be used to provide:
-
Encrypted communication.
-
Authentication of remote entities and users using either one-way or two-way SSL, and signed X.509 certificates.
-
Managing users through one or more LDAP servers.
-
Authorizing users to perform specific commands based on roles.
To learn about using this security option, see Using the Proxy Server to Control Client Access.
-
- Security tagging
-
This option allows you to tag specific data streams with different security levels. The tags are defined in the StreamBase Server configuration file. You can then design your application to detect the security levels of incoming data and respond appropriately.
To learn about using this security option, see Using Security Tagging to Control Access to Data.
- StreamBase Server-based authentication
-
This option is the simplest to configure and provides the lowest level of security. Implemented entirely through StreamBase configuration files, it provides:
-
No encryption.
-
User authentication using username and password.
-
Authorization based on user roles.
To learn about using this security option, see Enabling StreamBase Server Authentication.
-
- Enciphering passwords and strings
-
You can encipher the certain values in the server configuration file so that they are not readable as plain text. StreamBase Server automatically deciphers these enciphered values. See Enciphering Passwords and Parameter Values.