Post date: Jun 4, 2020 5:51:32 AM
Users access the system over the Internet (HTTPS or HTTP connection) or an intranet (HTTP connection). TLS encryption is available for Triniti Application access. TLS connections are negotiated for 128-bit encryption or stronger. The private key used to generate the cipher key is at least 2048 bits. In some cases, a third-party site that is used with Triniti Application and is not under the control of Triniti may force a non-encrypted connection. In some cases, a third-party site that Customer wishes to integrate with the Triniti Application may not accept an encrypted connection.
Access to Triniti Application is restricted to authorized personnel. Triniti enforces Username and Password policies. TDM Framework provides both Role-Based and User-Based Security (RBS & UBS). Application access is granted to a Role, and a User can have one or more Roles. System access controls include system authentication, authorization, access approval, provisioning, and revocation for users. The following are a few features of the Username & Password Policy:
Users must change the password after the first login.
Users can change passwords at any time using the Change Password option.
Users can get their password using the Forgot Password option.
The user's account can be disabled with an effective end date.
The System restricts login with the same user from different browsers/systems.
The System can lock a user after invalid login attempts and allows administrators to unlock the user.
Weak passwords can be configured so that users are restricted from using them.
Password Policy provides options for:
Min / Max Password length
Numeric / Special Character in Password
Upper Case
Password Reuse
Exclude Dictionary Word
Exclude Username
Password Expiry Days
Unsuccessful Login Attempts
No. of repeated Characters/Numbers allowed
Enforce Password History
Username Policy provides options for:
Allow spaces
Case sensitive
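The Password Policy options above that apply to the password string itself (length, character classes, username and dictionary exclusion, repeated characters, history) can be checked as in the following sketch. This is an added example, not TDM Framework code; the field names, default thresholds and sample dictionary are assumptions made for illustration.

```python
import hashlib
import hmac
import re
from dataclasses import dataclass


@dataclass
class PasswordPolicy:
    # Hypothetical field names mirroring the options listed on the page.
    min_length: int = 10
    max_length: int = 64
    require_digit: bool = True
    require_special: bool = True
    require_upper: bool = True
    max_repeated: int = 2    # longest allowed run of one character
    history_size: int = 5    # previous passwords that may not be reused
    dictionary: frozenset = frozenset({"password", "welcome", "triniti"})  # constructed sample


def hash_password(password: str, salt: bytes) -> bytes:
    # History entries are kept as salted hashes, never as plaintext.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


def violations(policy, username, candidate, history=()):
    """Return the policy rules the candidate breaks (empty list = accepted).
    history is a sequence of (salt, hash) pairs, newest last."""
    found = []
    lowered = candidate.lower()
    if not policy.min_length <= len(candidate) <= policy.max_length:
        found.append("length")
    if policy.require_digit and not re.search(r"\d", candidate):
        found.append("digit")
    if policy.require_special and not re.search(r"[^A-Za-z0-9]", candidate):
        found.append("special")
    if policy.require_upper and not re.search(r"[A-Z]", candidate):
        found.append("upper")
    if username and username.lower() in lowered:
        found.append("username")
    if any(word in lowered for word in policy.dictionary):
        found.append("dictionary")
    # A run longer than max_repeated identical characters is rejected.
    if re.search(r"(.)\1{%d,}" % policy.max_repeated, candidate):
        found.append("repeated")
    recent = history[-policy.history_size:] if policy.history_size else ()
    for salt, old in recent:
        if hmac.compare_digest(hash_password(candidate, salt), old):
            found.append("history")
            break
    return found
```

Password Expiry Days and Unsuccessful Login Attempts depend on account state rather than on the candidate password, so they are enforced at login time and are outside this check.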
When Triniti Application is launched from another system using the Single Sign-On (SSO) mechanism provided by the launching system, the same user (as available in the launching system) should be available in TDM Framework Security and should be given the right access.