About transport encryption - CCURE Access Control 3.8.0

CCURE 9000 Access Control Plugin Guide 3.8.0

Product
CCURE 9000 Access Control
Content type
Guides > Plugin and extension guides
Version
3.8
Release
3.8.0
Language
English
Last updated
2023-10-10

To prevent packet sniffing and tampering with traffic between the Security Center and the CCURE 9000 system, you can encrypt the communication channel using a Secure Socket Layer (SSL) certificate.

Transport encryption works by creating an encrypted channel between the server and client. SSL certificates use an asymmetric public key (the server) and a private key (the client) that work together to authenticate and secure data. SSL connects the two machines using a cipher that encrypts and monitors data transfers, verifying that the data is secure and unchanged.

All SSL certificates need a private key to work. The private key is a separate file that is used in the encryption and decryption of data sent between the CCURE 9000 server and the connecting plugin clients. The private key is created when you create the SSL certificate.

How communication is secured between CCURE 9000 and Security Center

Diagram of how encryption works between the CCURE proxy and the plugin.

The CCURE 9000 Access Control plugin and the Genetecâ„¢ Security Center - Software House CCURE 9000 Access Control Proxy Service supply the communication channel between the CCURE 9000 system and Security Center.

For encrypted communications, you require the following:
  • A self-signed SSL certificate must be created on the CCURE 9000 server where the proxy service is installed.
  • Encrypted communication must be enabled on the CCURE 9000 Access Control plugin role.