For the data service owner
What is it about?
Below is a list of control questions. Answering them will help you understand the important elements of a secure X-tee implementation.
What is the danger here?
|Do you have a hosting service agreement with your security server owner?|
Without an agreement, the two parties may not share an understanding of, for example, the guaranteed availability of the security server, the response to incidents outside working hours, and so on.
The hosting service agreement records the most important points agreed between the owner of the data service and the owner of the security server, for example security server availability, the SLA, and notification of maintenance work.
Hosting service agreements may not be necessary if the owner of the data service and the owner of the security server are both in the same organization.
|Does your application communicate with the security server over HTTPS using mTLS?|
If mTLS is not in use, the security server cannot verify that an incoming request was sent by the correct application and not by a malicious attacker.
If mTLS is not in use, the application cannot verify that the response it received came from your security server and not from a malicious attacker.
If HTTPS is not in use, the traffic between the application and the security server is unencrypted and can be read or altered in transit.
|Do you have a data service usage agreement concluded with your data service customers?|
NB! §12 of the X-tee regulation requires the provision and use of the data service in accordance with the data service usage agreement between the members.
|Do you have the contact information of your data service customers stored?|
In the absence of contact information for customers of the data service, it may not be possible to notify them if there is an error in the data service or when maintenance work is taking place. Contact information is important so that you can quickly contact your customers during an incident.
|Do you have a procedure for storing message logs agreed with the owner of the security server?|
In the absence of an agreement, message logs may not be stored for a sufficient period of time. For example, you may need the message logs of the last 3 years, but the owner of the security server has set the retention period to only 1 year.
Message logs can be used to prove that the data service was used and that the information or data it shares was transmitted. This may be important if a legal dispute arises over the use of the data service.
|Is the software of your application or information system regularly updated?|
If the information system or application interfaced with X-tee contains security vulnerabilities (e.g. outdated libraries or other software), the information system/application may be compromised through it. This can lead to data leakage, loss of integrity, and other issues that can have very serious consequences for the data service provider and data service customers.
|Are your X-tee subsystems and their contacts described in the X-tee self-service environment?|
If no contacts are described for your X-tee subsystems, your data service clients or RIA user support may not be able to contact you quickly if a serious problem occurs.
Describing your X-tee subsystems gives you and other X-tee members a clear overview of what each subsystem is designed for.
|Are the X-tee data services offered by you described in the X-tee self-service environment?|
If your data services are not described in the X-tee self-service environment, those interested in them may contact you with questions that a description would have answered.
In addition, the X-tee self-service environment is a good place to add documents and attachments related to data services, for example a data service usage agreement document.
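For the mTLS question above, the following added example (not part of the original checklist or of X-tee software) audits an application's connection settings against the three dangers listed there and builds the client TLS context only when none apply. The `Link` settings model, the finding texts, the file names and the host name are assumptions made for illustration.

```python
import ssl
from dataclasses import dataclass
from typing import List, Optional
from urllib.parse import urlsplit


@dataclass
class Link:
    """Application-side settings for reaching the security server (hypothetical model)."""
    url: str
    server_cert: Optional[str] = None  # PEM file: security server certificate the application trusts
    client_cert: Optional[str] = None  # PEM file: the application's own certificate
    client_key: Optional[str] = None   # PEM file: private key matching client_cert


def audit(link: Link) -> List[str]:
    """Return the checklist dangers that apply to this configuration."""
    tls = urlsplit(link.url).scheme.lower() == "https"
    findings = []
    if not tls:
        findings.append("traffic is unencrypted")
    # Certificates are only exchanged inside a TLS handshake, so over plain
    # HTTP both checks are absent even when certificate files are configured.
    if not (tls and link.client_cert and link.client_key):
        findings.append("security server cannot verify the application")
    if not (tls and link.server_cert):
        findings.append("application cannot verify the security server")
    return findings


def build_context(link: Link) -> ssl.SSLContext:
    """Build the client TLS context, refusing any configuration with findings."""
    findings = audit(link)
    if findings:
        raise ValueError("; ".join(findings))
    # Trust only the given security server certificate. With a cafile supplied,
    # the system CA store is not loaded; certificate and host name checks stay on.
    ctx = ssl.create_default_context(ssl.Purpose.SERVER_AUTH, cafile=link.server_cert)
    # Present the application's certificate for the server side of mTLS.
    ctx.load_cert_chain(certfile=link.client_cert, keyfile=link.client_key)
    return ctx
```

The returned context can be passed to any standard-library HTTPS client, for example `http.client.HTTPSConnection(host, context=ctx)`.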