:
Last modified: Dec 15, 2023

Altinn 3 Broker Security Controls

Altinn 3 Broker Security Controls - Summary

On this page:

This is work in progress.

Authentication and Authorization

Maskinporten and Altinn Authorization

Checksum

TBD

Virus check

  • Configurable per transfer via intitalization

In-transit protection

Encrypted file transfers with TLS/HTTPS.

At rest protection

Encrypted Broker File Storage; ref. Azure Storage encryption for data at rest | Microsoft Learn.

Encrypted Broker Metadata Storage, Metadata storage using the PostgreSQL Database. Detalis TBD

TBD: Specific encryption solution… firewall, not V-net…

Alternative file storage solutions

TBD

DDoS attack prevention

DDoS attack prevention via Azure API Management.

Hosting

Private cloud hosting

On-premises hosting

Coding practices

TBD Open source

Key Vault

Azure Key Vault, Private keys, internals… identities (hidden tokens); secrets, Altinn authentication