Security

This page is no more maintained, the current one is at https://www.tiian.org/flom/security/Security.html

FLoM security

FLoM security is based on two major topics:

• TLS (Transport Layer Security) protocol
• X.509 certificates

Very Important Note

The source code of FLoM has not yet been reviewed by a security expert.
Please pay attention that there's no guarantee related to FLoM security: you can use it, in accordance with the terms of the GNU General Public License, at your own risk.
If you are a security expert and you want to collaborate, please post your feedback using the Discussion forum.

Security levels

There are 3 different security levels:
1. no security: this is the default behavior
2. channel encryption: this is the easiest security level to configure
3. mutual authentication: this is the strongest security level offered by FLoM

No Security

The default behavior of FLoM is to use clear text TCP/IP sessions without any type of security.
With this configuration:

• any FLoM client can connect to any FLoM server (daemon)
• all the network traffic can be captured and recorded because it's based on XML document exchanges between the peers.

Channel Encryption

With this configuration FLoM uses the TLS standard to encrypt the TCP/IP network traffic and:

• a FLoM client can connect to a FLoM server (daemon) only if the client and the server use an X.509 certificate signed by the same certification authority
• all the network traffic is encrypted and protected by the algorithms implemented by TLS

Configuration example 1

Node 1 uses a X.509 certificate signed by the certification authority CA1.
Node 2 uses a X.509 certificate signed by the certification authority CA1.

Configuration example 2

Node 1, 2, 3 and 4 use the same X.509 certificate signed by a certification authority.

In general, you can create a network of secured peers with a set of X.509 certificates signed by a single certification authority. A trivial configuration is the re-use of the same certificate for many peers.

Mutual Authentication

This configuration extends Channel Encryption with a dedicated X.509 certificate for every node/system (physical or virtual) that hosts FLoM processes.
This security level requires a more complex setup, but adds a security constraint: only the nodes/systems with a dedicated X.509 certificate signed by a specific certification authority can join and work together.

Every node in the network has its own Unique ID that can be retrieved with the command:

flom --unique-id

(FLoM uses dbus to retrieve a system unique identifier).

With mutual authetication you have to:

• generate a distinct certificate for every node
• put the unique ID value inside the CN (Common Name) field of the certificate metadata

Configuration examples

Follow these links for a full description of the configuration examples:

• [Channel Encryption]
• [Mutual Authentication]

Debugging tools

TLS can be difficult to debug due to many possible issues:

• wrong X.509 certificates
• usage of private and public addresses
• firewalls between networks

FLoM provide an integrate debugging tool that can be used to test a TLS client/server and peer to peer connection.
There are two debugging sessions available:

• [Channel Encryption Debug]
• [Mutual Authentication Debug]