Coordination

To secure a system that communicates using FTL software, administrators and application developers must coordinate to share security requirements and artifacts. The TIBCO FTL and TIBCO eFTL documentation sets include coordination forms to guide this conversation and record important information, such as security requirements and settings. This topic highlights the artifacts and information that that pertain to security.

FTL Application Development
  • Trust File

    Administrators supply a copy of the FTL server trust file to developers and operations staff.

    Developers code applications to specify the location or contents of the trust file in the realm connect call.

  • Credentials

    Administrators configure user credentials for authentication and authorization, and supply them to developers for testing applications and to operations staff for running applications.

eFTL Application Development
  • Credentials

    Administrators configure user credentials for authentication and authorization. Supply credentials to developers so they can test applications. Supply credentials to device users so they can run applications that connect to a secure eFTL service.

  • Trust File

    Legacy eFTL client apps already trust the eFTL service's custom identity certificate.

    Updated client apps must trust the FTL server's identity certficate.

    Administrators supply a copy of the FTL server trust file to developers and operations staff.

    Developers code updated or new applications to specify the location or contents of the trust file.

  • eFTL Authorization Groups

    Developers inform administrators about the publish and subscribe requirements of apps.

    Administrators configure channels with publish and subscribe authorization groups.