Security is intrinsic to all tiers within the Synchrony solution and is implemented as a logical set of services within the Synchrony multi-tenant kernel. The various services provide the following levels of security:
- Access-level –Various authentication and authorization policies for access control.
- Wire-level – Data encryption for communications over the Internet.
- Application-level – Business objects can only be accessed utilizing a “smart-security” mechanism where a series of Access Control Lists (ACL) are configured on a per-campaign, per-tenant basis to ensure that the “sandbox” environment within a multi-tenant environment is enforced.
- Data-level – Each table and component of the data model schema has the notion of users, groups and security levels associated with it. The database itself is recommended to be set up in a “hardened” format wherein no other application can access that database machine other than the application and systems management services.
The security services support the propagation of key security information from client browser to the application servers so the information can be used for authentication, authorization and audit trail/logging. In addition to its embedded security features, Synchrony provides a complete SSL implementation. SSL or Secure Sockets Layer is a secure communication protocol that ties encryption, authentication and key exchange together into one communication layer that sits on top of a standard TCP/IP communication. The combination of these features provides robust, system-wide security allowing clients to focus on the application and its uses rather than the security infrastructure.