Linxter has security built in at many layers.
IMPORTANT: Your Web Manager username and password, and your Company, Developer, and Activity IDs should be kept secret. You should never include them in any communication. You should never e-mail these credentials to anyone. It is important to keep these confidential to protect your account.
SDK Components
All of the components from the SDK down through the resource access layer are obfuscated to protect the implementation logic and algorithms from compromise by a malicious client.
SDK Database
The SDK database is encrypted so that settings used by the SDK cannot be changed directly or compromised by end users. All messages (and their attachments if any) sent by a program instance are stored in the encrypted database until their delivery to the ISB is confirmed.
Service Calls to ISB
Calls from the SDK to the ISB back-end services use WS-Security protocols to authenticate the messages. A special SDK user identity is contained by the SDK database and is used to authenticate the calls to the back-end services.The services include authorization attributes to restrict incoming calls to only the specific known identities in the system. Each registered program is assigned its own identity.
Message Encryption
All messages are encrypted using X.509 certificates. This provides for end-to-end security, regardless of the number of intermediaries networks (hops) involved in transferring the message and regardless of whether or not those networks are secure.
ISB Services
The ISB back-end services run in server processes secured with discrete middle tier identities, and only those identities are used to authenticate and authorize access to the databases that sit behind the services.
Communication Channel Restrictions
The program configuration settings available through Web Manager allow developers to restrict instances by allowing them to only create or receive communication channel requests to/from instances of specific programs. In addition, restricted instances cannot be found by unauthorized program instances when searching for instances to send requests to.