T.Rodon login session specifics
The TASSTA security concept is based on the ACL (access control list) security model, which helps precisely control who has access to which TASSTA resources. In addition to authenticating users by user name and password, server-side TASSTA software associates a number of rights and permissions with each user and group. This way it defines privileges and roles and prevents misuse of resources.
One such permission is Allow Rodon. T.Rodon sessions can be started only by those accounts for which the administrator has enabled this. Users without this permission can only connect from the T.Flex mobile client.
Closing T.Rodon logs out your current user. To log out without closing the application (for example, to switch accounts), click the Logout button in the right-pane toolbar.
Connection security details
All TASSTA applications use an encrypted connection that enables authentication, session management, and access control mechanisms. All data between clients and servers is exchanged through encrypted channels. This protects the connection from active eavesdropping and passive disclosure in the network traffic. It also prevents session fixation attacks during the authentication or authorization processes.
The T.Rodon client application uses the HTTPS protocol for communication with services provided on the server side. This makes data exchange robust and secure.
By default, the TASSTA signaling flow is encrypted with TLS using the 256-bit AES-SHA encryption method. Authentication from client to server is performed with digital certificates. Voice is not encrypted by default, but encryption can be enabled on demand. If no specific encryption algorithm is defined, TASSTA offers an authenticated-encryption algorithm with a block cipher (AES128, AES192, and AES256) as specified in ISO/IEC 19772:2009.
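An administrator can confirm what a TLS endpoint actually negotiates rather than relying on the configured default. The following Python sketch is an added example, not TASSTA code: it offers only AES-256 suites and then audits the negotiated result. The host and port are placeholders, and the policy (TLS 1.2 or later, AES with a 256-bit key, with a note when the suite is not an AEAD mode) is an assumption drawn from the description above.

```python
import socket
import ssl

def aes256_context():
    """Client context that offers only AES-256 suites for TLS 1.2."""
    ctx = ssl.create_default_context()  # verifies server certificate and hostname
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    # OpenSSL cipher string. It does not filter TLS 1.3 suites, so a server can
    # still select TLS_AES_128_GCM_SHA256; audit() catches that after the handshake.
    ctx.set_ciphers("AES256:!aNULL")
    return ctx

def audit(version, cipher):
    """Check SSLSocket.version() and SSLSocket.cipher() against the assumed policy.

    cipher is (name, protocol, secret_bits); its protocol field names the version
    that defines the suite, so the negotiated version is passed separately.
    """
    name, _, bits = cipher
    findings = []
    if version not in ("TLSv1.2", "TLSv1.3"):
        findings.append(f"legacy protocol {version}")
    if "AES" not in name:
        findings.append(f"non-AES suite {name}")
    else:
        if bits < 256:
            findings.append(f"AES key is {bits} bits, expected 256")
        if "GCM" not in name and "CCM" not in name:
            findings.append(f"note: {name} uses a separate HMAC, not an AEAD mode")
    return findings

def probe(host, port, timeout=5.0):
    """Handshake with host:port and return (version, cipher, findings)."""
    with socket.create_connection((host, port), timeout=timeout) as raw:
        with aes256_context().wrap_socket(raw, server_hostname=host) as tls:
            return tls.version(), tls.cipher(), audit(tls.version(), tls.cipher())

# Constructed samples, not captured from a TASSTA server.
SAMPLES = [
    ("TLSv1.2", ("ECDHE-RSA-AES256-GCM-SHA384", "TLSv1.2", 256)),
    ("TLSv1.2", ("AES256-SHA", "SSLv3", 256)),
    ("TLSv1.3", ("TLS_AES_128_GCM_SHA256", "TLSv1.3", 128)),
]

if __name__ == "__main__":
    for version, cipher in SAMPLES:
        print(cipher[0], "->", audit(version, cipher) or "ok")
    # probe("tassta.example.invalid", 443)  # placeholder host and port
```

The post-handshake audit matters because the cipher string restricts only TLS 1.2 suites; the TLS 1.3 suite is chosen from a separate list.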