The Devil Framework Application Server was designed with security in mind, using state-of-the art technologies and practices.

Multi-user System

• Multiple groups can be defined, each one with its set of permission settings.

• Multiple users can be defined, each one with its set of permissions and configuration options (startup view, etc.). Users can be assigned to one or more predefined groups, inheriting all their permission settings.

• Users can be enabled/disabled at any time.

• Audit trail of user actions can be enabled/disabled at any time.

• Users password have an optional expiration time.

• Distributed single sign-on from all the allowed components with extensible authentication sub-system.

Secure Communications

• All components (Devil Framework Application Server ones and visualization and management ones) authenticate each other using the internal Public Key Infrastructure (PKI) sub-system.

• All communication channels can be independently configured to use clear or encrypted transports. Encryption keys are generated and exchanged using the PKI sub-system.

Resources

A resource definition can be assigned to every object defined in the system. A resource definition specify all the security settings regarding the access to an object, its properties and its functionalities by users and groups.