Home Community Discussion Forums Most Active Software Boards LabVIEW Topic

LabVIEW

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

NI Server remote connection security

NI Server remote connection security

‎05-25-2006 03:21 PM

Hi,

I searched all the NI site and all the Labview help but couldn't find answers. My intention is to run one or more VI Server on an unsecure TCP/IP network. I would like to allow remote access using Open Application Reference node. We have Academic Site License so I have access to most recent version of almost all NI software. Related to this I have the three following questions:

1) I'd like to limit the access to certain VIs and certain VI servers (if there will be more than one server) on user level. The IP address level access rights are not enough since multiple users may have the same IP address. There is a feature in Labview 8.0 called Domain Account Manager with which I can create domains and create users and user groups. Can I use this information to limit access to VIs running on a VI server? There seems to be a NI Security: Get Access Rights Method which is more or less undocumented. Where can this be used?

2) How is the connection created by Open Application Reference and used in remote VI calls secured? Is the connection encrypted or can it be made encrypted using strong cryptography? How is the user information passed to the VI server when user logs in to a Domain Account Manager account? How is the user identity secured after the login during the session when user accesses security controlled resources?

3) What is the NI Labview related roadmap for authentication, access control, accounting and security of remote connections? I would really appreciate if the roadmap would include features that would allow secure remote access to any labview resources with user level dynamically controllable access control. I also would like to see some kind of session management so that passive users could be automatically logged out.  I would also appreciate if each instance of re-entrant VI (or class objects in the future) could have different access rights that could be defined when VI (object) reference is opened. Now anybody who has access to a certain VI can access the dataspace of any reentrant instance of that VI.
--
Tomi Maila
0 Kudos
Message 1 of 5
(3,654 Views)
Reply

Re: NI Server remote connection security

‎05-29-2006 08:09 AM

No answer from last week. New week has started, does anybody from NI have any idea on this subject?
--
Tomi Maila
0 Kudos
Message 2 of 5
(3,632 Views)
Reply

Re: NI Server remote connection security

‎06-05-2006 08:04 AM - edited ‎06-05-2006 08:04 AM

It seems nobody knows... Smiley Sad I assume no answer means no security at all. I suppose I have to write my own API for remote application calls then.

I guess the following solution may work for user level security on remote VI calls. Put VI server behind a VPN capable firewall. This firewall is taking the responsibility of access control. Allow only VPN connections to pass trough the firewall. Allocate a unique IP-address for each VPN connection. Now each user has a separate dynamic IP-address. Since open application reference calls can be allowed/denied on the IP-address basis, this functions as a user level access control. However this is really overkill solution. Does anybody come up with anything simpler? Of course some other secure certificate based connection can be used instead of IP-sec based VPN.

Tomi

Message Edited by Tomi M on 06-05-2006 04:15 PM

--
Tomi Maila
0 Kudos
Message 3 of 5
(3,616 Views)
Reply

Re: NI Server remote connection security

‎06-20-2006 09:48 PM

Try asking your question here

www.info-labview.org
0 Kudos
Message 4 of 5
(3,586 Views)
Reply

Re: NI Server remote connection security

‎01-31-2008 11:28 AM

Tomi did you ever get a description of the method "Get Access Rights"? I'm trying to find info, or an example, and can find neither.

Michael

0 Kudos
Message 5 of 5
(3,368 Views)
Reply