Secure Sessions
Secure Sessions provide a way to password-protect communication between two nodes on a network above and beyond the security of the network itself. With secure sessions, a device can 'log in', or create a session with another device that is encrypted and only readable by the two nodes involved. By restricting certain actions—such as remote AT commands or FOTA updates—to only be allowed over one of these secure sessions, you can make it so access to the network does not allow network configuration. A password must be set and the proper bits of SA (Secure Access) must be set to enable this feature.
The following definitions relate to secure Sessions:
| Term | Definition |
|---|---|
| Client | The device that is attempting to log in and send secured data or commands is called the client. |
| Server | The device that is being logged into and will receive secured data or commands is called the server. |
| Secure Session | A secure connection between a server and a client where the pair can send and receive encrypted data that only they can decrypt. |
| Secure Remote Password (SRP) | Name of the authentication protocol used to create the secure connection between the nodes. |
| Salt | A random value generated as part of the authentication process. |
| Verifier | A value derived from a given salt and password. |
PDF
