mirror of https://github.com/dapr/docs.git
Aaron Crawfis
GitHub
commit
5f65ba6181
|
|
@ -11,7 +11,7 @@ This article addresses multiple security considerations when using Dapr in a dis
|
||||||
|
|
||||||
Several of the areas above are addressed through encryption of data in transit. One of the security mechanisms that Dapr employs for encrypting data in transit is [mutual authentication TLS](https://en.wikipedia.org/wiki/Mutual_authentication) or mTLS. mTLS offers a few key features for network traffic inside your application:
|
Several of the areas above are addressed through encryption of data in transit. One of the security mechanisms that Dapr employs for encrypting data in transit is [mutual authentication TLS](https://en.wikipedia.org/wiki/Mutual_authentication) or mTLS. mTLS offers a few key features for network traffic inside your application:
|
||||||
|
|
||||||
- Two way authentication - the client proving its identify to the server, and vice-versa
|
- Two way authentication - the client proving its identity to the server, and vice-versa
|
||||||
- An encrypted channel for all in-flight communication, after two-way authentication is established
|
- An encrypted channel for all in-flight communication, after two-way authentication is established
|
||||||
|
|
||||||
Mutual TLS is useful in almost all scenarios, but especially so for systems subject to regulations such as [HIPAA](https://en.wikipedia.org/wiki/Health_Insurance_Portability_and_Accountability_Act) and [PCI](https://en.wikipedia.org/wiki/Payment_Card_Industry_Data_Security_Standard).
|
Mutual TLS is useful in almost all scenarios, but especially so for systems subject to regulations such as [HIPAA](https://en.wikipedia.org/wiki/Health_Insurance_Portability_and_Accountability_Act) and [PCI](https://en.wikipedia.org/wiki/Payment_Card_Industry_Data_Security_Standard).
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue