Menu
All uLinga products support Transport Layer Security (TLS) up to and including v1.3, for all TCP/IP connections they utilise. Be it for WebCon connections, or protocol-specific applications such as Kafka or IMS Connect, any data sent over TCP/IP can be protected. uLinga products also support certificate authentication as part of TLS session establishment to authenticate the remote partner in the connection.
For certain configurations of some uLinga products, the storage of sensitive data may be required. One example might be a password required to establish an HTTP Basic Auth connection, which is to be provided as part of creating a uLinga resource. With uLinga’s Encryption of Sensitive Data (ESD) these types of fields can be stored in encrypted form, and only decrypted within the running uLinga process, as needed.
uLinga’s WebCon browser-based User Interface allows users to login with system user IDs, or internally configured user IDs. For those users with enterprise Single Sign-On (SSO) systems in use, WebCon can be setup to allow users to login with an enterprise user ID using OIDC-based SSO.
Some entities within uLinga support authentication using OAuth 2.0. Once authenticated, uLinga receives a JSON Web Token (JWT) assertion that can be used to access secure endpoints within the enterprise, such as Kafka clusters or HTTP endpoints.
uLinga products have been enhanced to support quantum-safe encryption through hybrid key exchanges for TLS 1.3. Although no Cryptographically Relevant Quantum Computer (CRQC) exists today, “Harvest Now, Decrypt Later” attacks can still be a threat to your data. See our blog article for more information.
Each uLinga product implements specific security features as required for that product and/or protocol. uLinga for Kafka supports Simple Authentication and Security Layer (SASL) for secure Kafka connections. uLinga Gateway supports TLS proxy functionality to TLS-protect TCP/IP applications. For more information see the product-specific pages on this website.