Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  • Using digital signatures to sign deployable objects such as workflows and jobs. This approach is used in JS7 and a number of security levels are offered that determine the degree of foreclosure, for example by forcing signatures to be applied to deployable objects outside of the JOC Cockpit application on a secure device.
  • Placing certificates for digital signatures on the Agents that execute jobs. This is carried out on JS7 Controllers and Agents and if the signature does not match available certificates then deployment is denied. This mechanism does not prevent an authorized person from deploying workflows and but it prevents attackers from hijacking a user's identity and deploying malicious code.

...