Security
Go beyond the norm in cybersecurity.
- Security Features
  Maintaining the control over production and the processes in the application has the highest priority in automation. Even measures to prevent security threats must not affect this.
  - Authorization Concept
  - Certificates
  - Login
  - Login Framework
    The WinCC OA login framework provides a framework that is easy to extend. The WinCC OA login panels can be easily replaced by user-specific panels without having to re-implement the functionality.
  - Server Side Authentication
    - Server-side Authentication for UI Managers
      When using the server-side authentication for UI managers the user has to authenticate himself to the User Interface via the HTTP server. Communication between the user interface and the WinCC OA core (Data manager / Event manager) is only possible if the login credentials are verified by the HTTP server and clearance is ensured via a user interface specific token.
    - Server-side Authentication for Managers
      When sever-side authentication for managers is used, the managers that establish a connection to the DATA or EVENT manager must authenticate themselves. This enhances the security especially when projects are connected over the Internet. In the server-side authentication for managers the managers must authenticate themselves by using x.509 certificates.
  - User-defined Login
  - Authentication via Kerberos, basics
    In a more and more networking world, a WinCC OA system could be exposed to different types of attacks. An unauthorized WinCC OA system could connect to the distribution manager or hackers could try to manipulate WinCC OA messages.
- Multiplexing Proxy
  The WinCC OA Multiplexing Proxy Manager is used to increase the security of your WinCC OA projects.
- Further References

Server Side Authentication