The service ensures client authentication in accordance with SWIM Technical Infrastructure (TI) Yellow Profile 2.0 requirement SWIM-TIYP-0042 by implementing username and password authentication using HTTP Authorization headers with Basic scheme for HTTPS based interfaces, and using SASL PLAIN for AMQP. Users connecting to the public interfaces must present a valid EACP client certificate, which must be further whitelisted in the service based on the details of the Distinuished Name portions of the client certificate such as Common Name, Organisation, Email. The service ensures server authentication in accordance with SWIM-TIYP-0042.</p>
SECURITY_CONSTRAINT
The service ensures point-to-point integrity in accordance with EUROCONTROL Specification for SWIM Technical Infrastructure (TI) Yellow Profile through the use of Transport Layer Security (TLS) 1.2.
The service ensures point-to-point confidentiality in accordance with EUROCONTROL Specification for SWIM Technical Infrastructure (TI) Yellow Profile through the use of Transport Layer Security (TLS) 1.2.
Only authenticated users are authorised to use the service. The service shall ensure consumer authentication in accordance with the EUROCONTROL Specification for SWIM Technical Infrastructure (TI) Yellow Profile through the use of a X.509 certificate over mTLS and the use of a username/password (SASL). In order to use the service and have access to appropriate service functions and operations, the client must have user roles granted in service provider authentication system.
The service ensures point-to-point integrity in accordance with EUROCONTROL Specification for SWIM Technical Infrastructure (TI) Yellow Profile through the use of Transport Layer Security (TLS) 1.3.
The service ensures point-to-point confidentiality in accordance with EUROCONTROL Specification for SWIM Technical Infrastructure (TI) Yellow Profile 2.0 through the use of Transport Layer Security (TLS) 1.3. The communication is encrypted by TLS with a certificate issued by the EACP.
The service ensures that satisfactory authorisation is put in place according to EUROCONTROL Specification for SWIM Technical Infrastructure (TI) Yellow Profile requirement SWIM-TIYP-0070.
The service ensures client authentication in accordance with SWIM Technical Infrastructure (TI) Yellow Profile 2.0 requirement SWIM-TIYP-0042 by implementing username and password authentication using HTTP Authorization headers with Basic scheme for HTTPS based interfaces, and using SASL PLAIN for AMQP. !!MTLS-STATEMENT-OPTIONAL. The service ensures server authentication in accordance with SWIM-TIYP-0042.</p>
The service ensures point-to-point integrity in accordance with EUROCONTROL Specification for SWIM Technical Infrastructure (TI) Yellow Profile through the use of Transport Layer Security (TLS) 1.3.
The service ensures point-to-point confidentiality in accordance with EUROCONTROL Specification for SWIM Technical Infrastructure (TI) Yellow Profile 2.0 through the use of Transport Layer Security (TLS) 1.3. The communication is encrypted by TLS with a certificate issued by the EACP.