security model and encryption - microsoft · 2019. 11. 4. · for encryption at rest ∙ security...
Post on 10-Oct-2020
4 Views
Preview:
TRANSCRIPT
SECURITY MODEL AND ENCRYPTION
MULTI-USER Remote Desktop
Manager
MULTI-USER Devolutions
Password Server
Security Model and Encryption
LEGEND : Encryption at Rest Encryption in Transit
∙ Security Providers are used for encryption at rest
∙ Security Providers support passphrase and certificate secret
∙ Clients must have network access to the database
∙ AES256 encryption key is derived from passphrase or certificate using PBKDF2
∙ Encryption in transit is optional
∙ Encryption at rest is performed by DPS server.
∙ Security Providers are not required
∙ Clients only need to have network access to DPS
∙ AES256 encryption key is generated using a secure pseudo-random number generator (PRNG) on installation
∙ Encryption in transit should be enabled for maximum security
Database
Remote DesktopManager
Remote DesktopManager
Remote DesktopManager
Remote DesktopManager
Remote DesktopManager
Remote DesktopManager
Remote DesktopManager
Web Access
DatabaseDevolutions
Password Server
top related