Security constraints

SWIM-DEFN-160

A service definition should include or refer to information about the security constraints which are expected to apply to accessing and using the service.

The service provider should be aware of any security constraints to be implemented.

Completeness: Not Applicable.

Consistency: Not Applicable.

Correctness: If provided, verify that the information is correct.

Example:

• authentication

  • The service may offer unauthenticated/public use.

  • If the use is authenticated, the service shall ensure consumer authentication in accordance with the EUROCONTROL Specification for SWIM Technical Infrastructure (TI) Yellow Profile through the use of a X.509 certificate or the use of a username/password (SASL).

  • The service shall ensure provider authentication in accordance with EUROCONTROL Specification for SWIM Technical Infrastructure (TI) Yellow Profile through the use of a X.509 certificate.

• authorisation

  • The service shall ensure that satisfactory authorisation is put in place according to EUROCONTROL Specification for SWIM Technical Infrastructure (TI) Yellow Profile requirement SWIMTIYP-0070.

• confidentiality

  • The service shall ensure point-to-point confidentiality in accordance with EUROCONTROL Specification for SWIM Technical Infrastructure (TI) Yellow Profile through the use of Transport Layer Security (TLS) 1.2 or above.

• integrity

  • The service shall ensure point-to-point integrity in accordance with EUROCONTROL Specification for SWIM Technical Infrastructure (TI) Yellow Profile through the use of Transport Layer Security (TLS) 1.2 or above.

Recommended

Correctness

Check that:

[  ] The information about the security constraints which are expected to apply to accessing and using the service in the service definition is correct.