Article 2Security measures
The following security measures shall be observed in ETAES in order to prevent unauthorised access:
- (a)
encryption of communication between the ETAES client and the ETAES server, using a https protocol with a Secure Sockets Layer certificate;
- (b)
web security preventing attackers from injecting client-side scripts into the web page(s) and from using multiple layers to trick a user into clicking on a button or link to another web page;
- (c)
a fine grained access control system that makes it possible to grant, read or write permissions for the access of authorised parties.