This page contains information regarding the security model for the services published and used by the Orchestration component.
Editor: Kurt Hansen
Security for Display clients and data sources
Mutual SSL is used by the Orchestration component for all communication to Display clients and data sources. This applies for the following flows:
Display client -> Orchestration component
Orchestration component -> Data source
Data source -> Orchestration component
Flow 1 and 2 are part of the data orchestration flow supported by the Orchestration component and flow 3 is part of updating index data for a data source in the Orchestration component.
The Administration interface
The administration interfacet for the Orchestration component uses Nemlog-in (OIOSAML) for autentifikation of the user. The services that are used by the administration UI, has build in autorisation validation of the user for the different actions they can do.
Certificates used for the HTTPS connection
The Orchestration component is designet to work with Fully Qualified Domain Name (FQDN) and an associated certificate issued by a public CA (CA - meaning a Certificate Authority). An example of a public CA is Statens IT, which issues certificates for governmental institutions and companies.
The Orkestrering component is not designed or implemented to support OCES certifikater for the HTTPS connection to/from the data sources.