CME Globex implemented secure authentication for iLink and Drop Copy sessions on Convenience Gateway (CGW) and Market Segment Gateway (MSGW). The new logon procedure secures the client system logon with:
- Customer identity verification - a client system logon request will be signed with security credentials issued and validated by CME Group.
- Message confidentiality and integrity - to credential the logon message, the client system sends a keyed-hash message authentication code (HMAC) generated from a combination of the logon FIX tag values. When CME Globex receives the logon message, it uses the identical inputs to calculate the HMAC value to validate against the logon request. If the values do not match, CME Globex rejects the logon.
Secure Keys
Customers must create secure key pairs for iLink and Drop Copy Sessions in the CME Customer Center.
Implementation Details
Secure Logon procedure was implemented inside DropCopy Handler. To provide secure keys to DropCopy Handler please call one of corresponding overloaded OnixS::CME::DropCopy::Handler::logon() methods which accepts accessKeyId
and secretKey
parameters.