Description
Client-Server Authentication and Validation of Messages for Tango Control System Using Asymmetric Cryptography and Digital Signatures
All Tango messages exchanged over the network include a digital signature which authenticates both the client performing the given operation and the contents of the message. The key pair used for signing messages can be generated per host, per user or per application; which key is used can be configured e.g. in /etc/tangorc, through environment variables or on the command line.
The device server has access to a security policy (e.g. stored in the Tango database) which specifies which clients are allowed to interact with which elements of the control system and which operations they are allowed to perform. Clients are recognized by their public key.
The policy can be configured per server, per device, per attribute/command, or for the whole control system instance.
Conversely, the device server can also sign its messages so that the client can verify them.
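The exchange described above, as an added example that is not part of the original abstract or of the Tango project's code: a client signs a request with a per-user Ed25519 key, the device server verifies the signature, looks the client's public key up in a wildcard policy (one attribute, a whole device, or the whole instance), and signs its reply so the client can verify it. It is written in Go for a self-contained demonstration rather than in Tango's C++/Python; the message layout, the field names, the rule format and the helper names (`Request`, `Rule`, `Handle`, `KeyID`, `MustKeys`) are assumptions made for this example, not Tango's wire format or API.

```go
package main

import (
	"crypto/ed25519"
	"encoding/binary"
	"encoding/hex"
	"errors"
	"fmt"
)

// Request is a signed client-to-device-server message; its field names and
// layout are assumptions for this example, not Tango's actual wire format.
type Request struct {
	ClientKey    ed25519.PublicKey // the key the policy recognises the client by
	Device       string            // e.g. "sys/tg_test/1"
	Element      string            // attribute or command name
	Op           string            // e.g. "read_attribute", "write_attribute"
	Payload, Sig []byte
}
// Reply is the server's signed answer; RequestSig binds it to the request it answers.
type Reply struct{ RequestSig, Payload, Sig []byte }
// Rule is one policy entry; "*" in any field matches everything, so a rule can cover one attribute, a device or the whole instance.
type Rule struct {
	ClientKey, Device, Element, Op string // ClientKey is the hex public key
	Allow                          bool
}

// MustKeys makes a fresh Ed25519 pair; a deployment would load it from a key file instead.
func MustKeys() (ed25519.PublicKey, ed25519.PrivateKey) {
	pub, priv, err := ed25519.GenerateKey(nil) // nil selects crypto/rand
	if err != nil {
		panic(err)
	}
	return pub, priv
}
// KeyID is the form in which the policy names a client.
func KeyID(pub ed25519.PublicKey) string { return hex.EncodeToString(pub) }

// canonical length-prefixes every field so the signed byte string cannot be
// re-split into different fields ("ab"+"c" vs "a"+"bc") and still verify.
func canonical(fields ...[]byte) (buf []byte) {
	for _, f := range fields {
		n := make([]byte, 4)
		binary.BigEndian.PutUint32(n, uint32(len(f)))
		buf = append(append(buf, n...), f...)
	}
	return buf
}
func (r *Request) signingBytes() []byte {
	return canonical(r.ClientKey, []byte(r.Device), []byte(r.Element), []byte(r.Op), r.Payload)
}
// SignRequest embeds the client's public key and signs the canonical bytes.
func SignRequest(priv ed25519.PrivateKey, r *Request) {
	r.ClientKey = priv.Public().(ed25519.PublicKey)
	r.Sig = ed25519.Sign(priv, r.signingBytes())
}

// Allows is first-match-wins over the rules, with default deny.
func Allows(rules []Rule, keyID, device, element, op string) bool {
	m := func(pat, val string) bool { return pat == "*" || pat == val }
	for _, r := range rules {
		if m(r.ClientKey, keyID) && m(r.Device, device) && m(r.Element, element) && m(r.Op, op) {
			return r.Allow
		}
	}
	return false
}

// Handle is the device-server side: verify the signature first, then apply the policy, then sign the reply.
func Handle(serverPriv ed25519.PrivateKey, rules []Rule, req *Request) (*Reply, error) {
	if len(req.ClientKey) != ed25519.PublicKeySize || !ed25519.Verify(req.ClientKey, req.signingBytes(), req.Sig) {
		return nil, errors.New("signature does not verify")
	}
	if !Allows(rules, KeyID(req.ClientKey), req.Device, req.Element, req.Op) {
		return nil, errors.New("policy denies this operation")
	}
	rep := &Reply{RequestSig: req.Sig, Payload: []byte(req.Op + " ok")}
	rep.Sig = ed25519.Sign(serverPriv, canonical(rep.RequestSig, rep.Payload))
	return rep, nil
}

// VerifyReply is the client side: signed by the trusted server key, and answering the request this client actually sent.
func VerifyReply(serverPub ed25519.PublicKey, req *Request, rep *Reply) bool {
	return string(rep.RequestSig) == string(req.Sig) && ed25519.Verify(serverPub, canonical(rep.RequestSig, rep.Payload), rep.Sig)
}

func main() {
	clientPub, clientPriv := MustKeys()
	serverPub, serverPriv := MustKeys()
	rules := []Rule{{KeyID(clientPub), "sys/tg_test/1", "*", "read_attribute", true}}
	req := &Request{Device: "sys/tg_test/1", Element: "double_scalar", Op: "read_attribute"}
	SignRequest(clientPriv, req)
	rep, err := Handle(serverPriv, rules, req)
	fmt.Println("read:", err, "| reply verified:", err == nil && VerifyReply(serverPub, req, rep))
	req.Op = "write_attribute" // changed after signing: the signature no longer covers the message
	_, err = Handle(serverPriv, rules, req)
	fmt.Println("altered write:", err)
}
```

Two details matter for a real implementation. The server checks the key length and the signature before it consults the policy, so an unauthenticated or malformed message never influences an authorization decision (and `ed25519.Verify` is never handed a key of the wrong size, which would panic). And a signature on its own proves origin and integrity but not freshness: a captured, correctly signed write can be replayed until a nonce or timestamp is included in the signed bytes and checked by the server, which this example deliberately leaves out.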