Overview
The FlexClient-Server Model uses FlexSystem's proprietary encryption and compression technology to create a Secure Channel for data transfer that resists eavesdropping and tampering.
Open Standard Support
Ensures confidentiality of data transferred over the network. Connections can be optionally encrypted on the FESA application server, supporting server certificates for client verification.
Architecture on applying secure connection on FESA application server.
Key Exchange
When enabled, data transfers utilize a secure connection. The process begins with a client request for key exchange, where both parties perform an asymmetric encryption-based key exchange to securely establish a session key for symmetric encryption.
Download it for free
To establish a secure connection:
1. The client encrypts a randomly generated pre-master-secret using a 1024-bit or 2048-bit RSA algorithm and sends it to the server.
2. The server derives the session key from this pre-master-secret, ensuring that the session key is cryptographically secure and valid only for that session.
Connection Encryption
Once the session key is established, the connection is encrypted using either:
• 256-bit Advanced Encryption Standard (AES)
• 192-bit Triple DES (3DES)
Specifying a Symmetric Algorithm
The default is AES 256-bit, but it can be overridden based on server configuration.
Server Certificate
The application server can install an X.509 certificate to authenticate its identity to client devices. This certificate includes a public key for secure session key exchange.
Security Setting
Security Setting
Security Setting
Proprietary Secure Channel
