ProPTT2 support strong security features for enterprise aria.
All session and data would be encrypted by strong encryption algorism.
ID and password is encrypted in 3 steps. Hash, OTP and TLS/SSL.
|Password||Saved hashed password by Sha512 + BCrypt(option)|
|OTP||OTP(One-Time-Password) is used for authentication|
|2 phase authentication||User can use authentication token(IMEI, SSAID, Phone number, SMS token and so on) with password.|
(detail for SMS token)
|Password Policy||Customer can set the Password Policy for user.|
|TLS/SSL||All login seesion is encrypted by TLS/SSL|
PTT control session
|TLS/SSL||All control seesion is encrypted by TLS/SSL|
Media sharing session encryption is optional. if PTT has a attribute of encription, it would work.
|End to End Encryption||ProPTT2 support E2EE. PTT server support key distribution for PTT clients.|
|Algorism||ProPTT2 support AES128/256 (wikipedia), ARIA256 (wikipedia) Encription algorism|
Local client must encrypt local data.
|System DB||The important field in DB is encrypted with AES.|
|iOS||OS can support encryption for each app.|
|Android||ProPTT2 encrypt local DB with AES.|
Video sharing session
Video sharing session encryption is optional.
|TLS/SSL||Video sharing session is encrypted by TLS/SSL|
AdminWeb also have secure features.
|TLS/SSL||All communication is encrypted by TLS/SSL|
|XSS Protection||AdminWeb support XSS protection headers and script prevention. XSS|
|CSRF Protection||AdminWeb support CSRF protection token and script prevention. CSRF|
For highest security level
In device side, VPN and MDM can be used for PTT service.
|VPN||VPN can support encryption for each session. You can use high performance encryption.|
|MDM||MDM can manage device, app and user's profile on high level security.|