Security & Logging

Security

Corteza Federation leverages Corteza’s already established authentication facility, using system users and JWT tokens (later referred as a token).

This enables us to reduce potential security holes and leverage our RBAC access control facility.

During the node pairing, each node creates a system user with an authentication token that can be used to access the node’s protected resources.

The two tokens in a node pair are not the same.

After the nodes are paired and the system users are created, we can assign roles to the federated user, further restricting what data the destination node is allowed to access using the RBAC access control facility

Each requested operation in the federated network goes through the access control facility.

Logging

Corteza Federation logs events (actions) that occurred in the federated network in the Corteza’s action log facility.

This enables administration and simplifies the debugging of any potential configuration issues.

Node pairing events

Pairing started: The event is logged when the nodes initiate the node pairing step.
Pairing failed: The event is logged when an error occurs during the pairing step.
Pairing finished: The event is logged when the nodes have been paired successfully.

Structure syncing events

Structure syncing started: The event is logged when the nodes initiate the structure syncing step.
Structure syncing failed: The event is logged when an error occurs during the structure syncing step.
Structure syncing finished: The event is logged when the nodes have successfully performed the structure syncing step.

Data syncing events

Data syncing started: The event is logged when the nodes initiate the data sync step.
Data syncing failed: The event is logged when an error occurs during the data sync step.
Data syncing finished: The event is logged when the nodes have successfully performed the data sync step.