Data Security
SEMDA does not have persistent storage such as a database. It uses a reliable message broker (RabbitMQ) to temporarily store requests from the various Local CMS. The requests are managed in a queue assigned to each particular Local CMS. The request data is automatically destroyed once the request has been processed. The reliability feature of RabbitMQ ensures that the system survives a power failure or software crash without loss of data.
Access to the request data is possible only through the programmatic components of SEMDA. There is no GUI or tool to display the request data.
SEMDA fulfills the highest security requirements because:
- No data is persistently stored in SEMDA.
- No data is exposed to a user interface or an interactive tool.
- Data related to a particular Local CMS is separated and isolated from all other connected systems.
- The data exchanged between the particular local CMS and RI is not passed to any other systems.
Access and encryption
Access to SEMDA is possible only through the HTTPS protocol.
All data in transfer between local CMS and SEMDA and between SEMDA and RI is encrypted. For troubleshooting reasons, data inside SEMDA is not encrypted.
Authorization
Each local CMS first needs an RI authorization to use the RI integration services via SEMDA. SEMDA authorization to use the production SEMDA system will be granted only when the owner of the local CMS has sent a signed copy of this RI authorization to ARM.
The SEMDA authorization to use the SEMDA systems is issued by ARM. The respective product contract and SLA must be signed. ARM will then pass the required unique authentication key to the local CMS. This key must be used for the connection to SEMDA and in all requests.
Authentication
Each request from a local CMS to SEMDA must contain a unique authentication key which identifies the local CMS. This authentication key is generated by ARM and passed to the local CMS after the contract and SLA have been signed. Requests without a valid authentication key are discarded.
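The check described above, combined with the per-CMS queue separation from the Data Security section, as an added example that is not SEMDA's own code. The field names `auth_key`, `cms_id` and `body`, the sample keys, the registry and the in-memory queues (standing in for RabbitMQ queues) are all assumptions made for illustration.

```python
import hashlib
import hmac
from collections import deque


def key_digest(key: str) -> bytes:
    # Assumes issued keys are long random values, so an unsalted hash is enough.
    return hashlib.sha256(key.encode("utf-8")).digest()


# Constructed sample registry: digest of each issued key -> local CMS id.
# Holding digests only means a leaked registry does not reveal usable keys.
REGISTRY = {
    key_digest("constructed-key-for-cms-a"): "cms-a",
    key_digest("constructed-key-for-cms-b"): "cms-b",
}

# In-memory stand-in for one broker queue per local CMS.
QUEUES = {cms_id: deque() for cms_id in REGISTRY.values()}


def identify(auth_key):
    """Return the CMS id the key was issued to, or None if it is not valid."""
    if not isinstance(auth_key, str) or not auth_key:
        return None
    presented = key_digest(auth_key)
    match = None
    for stored, cms_id in REGISTRY.items():
        # Constant-time comparison over every entry, with no early exit,
        # so response timing does not depend on which key matched.
        if hmac.compare_digest(stored, presented):
            match = cms_id
    return match


def accept(request: dict) -> bool:
    """Queue the request for its authenticated CMS; discard it otherwise."""
    cms_id = identify(request.get("auth_key"))
    if cms_id is None:
        return False  # no valid authentication key: discarded
    # The queue is chosen from the authenticated identity, never from a
    # caller-supplied field, so one CMS cannot write into another's queue.
    QUEUES[cms_id].append(request.get("body"))
    return True
```
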