StreamStudio security

There are several ways in which you can enhance the security of the StreamStudio installation. For example, you can use web service security and set up Trusted Communication Channels (TCC). You can also run in isolated environments with firewalls in between.

Figure 6

Example, web service security (WSS), TCC, and firewall

Web service security

In Control Center, you can specify that all web service requests from StreamStudio to the service gateway are authenticated with the credentials of the user logged in to StreamStudio. For more information, see the Control Center documentation.

Trusted Communication Channel (TCC)

If you use web service security, it is recommended to encrypt the communication between StreamStudio to the service gateway by configuring a Trusted Communication Channel (TCC). For more information, see the OpenText StreamServe Security User Guide.

Firewalls

You can also enhance security by using isolated environments with firewalls in between. The company environment decides where to put the firewalls. For example:

•	If a company has an existing front-end web server, you can use a separate computer for the Java application server (on which StreamStudio runs) and install a firewall in between.

•	If a company exposes the web services, a firewall between the Java application server and the service gateway may be suitable.

Note:

If you combine a firewall between the Java application server and the service gateway with a TCC, you must make sure the SSL packages are sent without parsing.

HTTPS for maximum security

For maximum security, you should use HTTPS for the end-users that access StreamStudio. This is configured in the Java application server. For SAP NetWeaver®, see the SAP NetWeaver Application Server Java Security Guide.