Security


Description of the security model of the Bit Repository

Security model in the Bit Repository Architecture

Security in the Bit Repository is based on standard protocols and cryptography and centred around the use of X.509 certificates. 

Central to the security model is RepositorySettings, which defines the repository: its components, their permissions and the level of security applied. RepositorySettings is the only source of trust for components. A component should trust only the certificates found in RepositorySettings and not, for instance, the certificate authorities in the operating system's CA store.

Security can be configured in varying degrees, from strict permissions to no security at all. The latter is intended only for casual testing.

Data and protocol messages are not encrypted explicitly. Their confidentiality is instead ensured by encrypted transports, that is, an mTLS connection to the message bus and mTLS-enabled WebDAV for file exchange.

To ensure that messages are authentic, cryptographic signatures are sent along with the messages. The signature is also used to identify which component sent a message, which is what authorization is based on. The following sections elaborate on the details.


Encryption

To prevent anybody from eavesdropping on the data and messages exchanged in the Bit Repository, all communication is encrypted.

Authentication

To ensure that messages are transmitted untampered, signature-based authentication is used.

Authorisation

Describes how messages requesting operations on a collection are checked against the permission model.
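The three checks described in the sections above, trust limited to the certificates listed in RepositorySettings, signature-based authentication that also identifies the sender, and authorisation of the requested operation on a collection against the permission model, as an added worked example. It is written in Go for this page and is not the Bit Repository's own code. The shape given to RepositorySettings and its Permission entries, the component names client-1 and stranger, the collection "books", the operations GetFile and DeleteFile, the JSON request bodies and the choice of ECDSA over SHA-256 for the message signature are all assumptions made for the example; the mTLS transport layer is not shown.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// Permission is one permission-model entry in this example's shape, not the project's schema.
type Permission struct{ Collection, Operation string }
// RepositorySettings is the only source of trust: exactly the certificates in Certs are
// trusted, and no CA store, the system's included, is ever consulted.
type RepositorySettings struct {
	Certs       map[string]*x509.Certificate   // component certificates, by fingerprint
	Permissions map[string]map[Permission]bool // granted permissions, by fingerprint
}
// fingerprint identifies a component by the SHA-256 of its DER certificate.
func fingerprint(c *x509.Certificate) string {
	return fmt.Sprintf("%x", sha256.Sum256(c.Raw))
}
// SignedMessage: body, the signature sent along with it, and the sender's DER certificate.
type SignedMessage struct{ Body, Signature, SenderDER []byte }
// sign produces the signature sent with a message (ECDSA over SHA-256 in this example).
func sign(key *ecdsa.PrivateKey, cert *x509.Certificate, body []byte) (SignedMessage, error) {
	digest := sha256.Sum256(body)
	sig, err := ecdsa.SignASN1(rand.Reader, key, digest[:])
	return SignedMessage{Body: body, Signature: sig, SenderDER: cert.Raw}, err
}

// authenticate accepts a message only if the sender certificate is listed in
// RepositorySettings and the signature verifies; it returns the sender's identity.
func (rs RepositorySettings) authenticate(m SignedMessage) (string, error) {
	cert, err := x509.ParseCertificate(m.SenderDER)
	if err != nil {
		return "", err
	}
	fp := fingerprint(cert)
	trusted, ok := rs.Certs[fp]
	if !ok { // a valid certificate from any CA is still untrusted
		return "", fmt.Errorf("certificate %s is not in RepositorySettings", fp[:8])
	}
	// Verify under the listed copy's key, never under whatever the sender attached.
	if err := trusted.CheckSignature(x509.ECDSAWithSHA256, m.Body, m.Signature); err != nil {
		return "", fmt.Errorf("message signature invalid: %w", err)
	}
	return fp, nil
}
// authorize checks an authenticated sender's request against the permission model.
func (rs RepositorySettings) authorize(fp, collection, op string) bool {
	return rs.Permissions[fp][Permission{collection, op}]
}

func must[T any](v T, err error) T { // panics on error; used for the fixtures only
	if err != nil {
		panic(err)
	}
	return v
}
// newComponentCert makes a self-signed certificate standing in for the one an operator
// would issue to a component and list in RepositorySettings.
func newComponentCert(name string, serial int64) (*ecdsa.PrivateKey, *x509.Certificate) {
	key := must(ecdsa.GenerateKey(elliptic.P256(), rand.Reader))
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(serial), Subject: pkix.Name{CommonName: name},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(24 * time.Hour),
		KeyUsage: x509.KeyUsageDigitalSignature}
	der := must(x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key))
	return key, must(x509.ParseCertificate(der))
}

// scenario: client-1 is listed with GetFile on collection "books"; stranger holds a
// perfectly valid certificate that RepositorySettings does not list.
func scenario() (allowed, wrongOpAllowed, tamperedAccepted, strangerAccepted bool) {
	clientKey, clientCert := newComponentCert("client-1", 1)
	strangerKey, strangerCert := newComponentCert("stranger", 2)
	fp := fingerprint(clientCert)
	rs := RepositorySettings{Certs: map[string]*x509.Certificate{fp: clientCert},
		Permissions: map[string]map[Permission]bool{fp: {{"books", "GetFile"}: true}}}
	body := []byte(`{"op":"GetFile","collection":"books"}`) // constructed request
	msg := must(sign(clientKey, clientCert, body))
	id, err := rs.authenticate(msg) // listed sender, intact body
	allowed = err == nil && rs.authorize(id, "books", "GetFile")
	wrongOpAllowed = err == nil && rs.authorize(id, "books", "DeleteFile")
	tampered := msg // same signature and certificate, altered body
	tampered.Body = []byte(`{"op":"DeleteFile","collection":"books"}`)
	_, err = rs.authenticate(tampered)
	tamperedAccepted = err == nil
	foreign := must(sign(strangerKey, strangerCert, body)) // valid signature, unlisted cert
	_, err = rs.authenticate(foreign)
	strangerAccepted = err == nil
	return
}

func main() {
	fmt.Println(scenario())
}
```

Two details carry the model's security. The sender's certificate is looked up by fingerprint in RepositorySettings rather than validated against any CA, so the stranger's certificate is rejected even though it is perfectly valid and carries a good signature. And the signature is verified under the listed copy of the certificate, not the copy attached to the message, so an attacker gains nothing from attaching a certificate of their own choosing. Only after both checks pass is the fingerprint used to look up what the component may do on the collection.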