Security
Overview
The platform implements multiple mechanisms to secure access to resources and keep your data safe. All user and security management is done under a single pane of glass: the configuration is done in one place, in the user-friendly graphical platform dashboard, and applied across all platform interfaces. The result is a significantly simplified, yet robust, data-security solution that helps organizations meet their compliance objectives.
The platform allows you to define local users and import users from an external identity provider (IdP), authenticate user identities, and control users' access to resources, including the ability to define fine-grained data-access policies.
To ensure proper security, the platform uses time-limited sessions and supports the HTTP Secure (HTTPS) protocol.
You can view logs for security events and user actions (such as a failed login or deletion of a data container) on the
HTTP Secure Data Transmission
For enhanced security, the platform's RESTful web and cluster-management APIs support the HTTP Secure (HTTPS) protocol (also known as HTTP over TLS), as defined in the RFC 2818 specification. See HTTPS Requests in the Securing Your Web-API Requests reference.
Encryption
The platform data-disks are encrytped using LUKS with 512-bit AES keys.
Authentication
See Authentication.
Authorization
See Authorization.