GeoStream Security

This topic outlines the mechanism and components involved with security over a GeoStream network. It begins with an overview of the main components, followed by the authentication process for both .NET clients and JavaScript clients.

The GeoStream security revolves around an authentication process based on:

• a server key (which may be shared or not)
• server configuration options
• a rigorous client/server handshaking process
• an authentication token

The server key, a globally unique identifier (GUID), is used in the formation of the authentication token. Depending on client-server topography, the server key may or may not be shared among other servers or clients. See later sections for more information regarding sharing.

The GeoStream server can be configured with the following configuration files:

• web.config - key/value pairs including: AuthFile, FriendsFile, ServerKey and MaxSessionLength

• FriendsFile - details a range of IP addresses which do not need authentication.

• AuthFile - details a list of valid users.

The handshaking process between the GeoStream server and the client depends on the type of client: .NET or JavaScript. The process is based on tokens being passed from the GeoStream server to the client, at the request of the client. A successful authentication will result in the client receiving an authentication token.

Configuring the server