Access is limited to authorized users per SWIM TI Yellow Profile.
SECURITY_CONSTRAINT
The requested information may contain a digital signature using SHA-256 or stronger.
Communication is encrypted per SWIM TI Yellow Profile.
Access is limited to authorized users per SWIM TI Yellow Profile.
Only authenticated users are authorised to use the service. The service shall ensure consumer authentication in accordance with the EUROCONTROL Specification for SWIM Technical Infrastructure (TI) Yellow Profile through the use of a X.509 certificate over mTLS and the use of a username/password (SASL). In order to use the service and have access to appropriate service functions and operations, the client must have user roles granted in service provider authentication system.
The integrity is ensured by TLS encryption
Communicaions are based over HTTPS
The authentication is based on mutual TLS and requires all users to request using an X.509 certificate. The service support TLS 1.3
All connections to the service require mutual authentication through a client digital certificate issued by Austrocontrol.
Interested organizations must formally request the issuance of this certificate from Austrocontrol prior to being granted access.
The exclusive access network for the ARE Service is NEWPENS (New Pan-European Network Service).
Connections via any other network are not permitted.
Access is managed under the SWIM security and governance framework, ensuring confidentiality, integrity, and traceability of all exchanged information.
The service ensures point-to-point integrity in accordance with EUROCONTROL Specification for SWIM Technical Infrastructure (TI) Yellow Profile through the use of Transport Layer Security (TLS). However the Message Security based on S/MIME 4.0 proposed in SWIM TI Yellow Profile 2.0 is not yet implemented.