CME Globex implemented secure authentication for iLink and Drop Copy sessions on Convenience Gateway (CGW) and Market Segment Gateway (MSGW).
The new logon procedure secures the client system logon with:
- Customer identity verification - a client system logon request will be signed with security credentials issued and validated by CME Group.
- Message confidentiality and integrity - to credential the logon message, the client system sends a keyed-hash message authentication code (HMAC) generated from a combination of the logon FIX tag values. When CME Globex receives the logon message, it uses the identical inputs to calculate the HMAC value to validate against the logon request. If the values do not match, CME Globex rejects the logon.
Customers must create secure key pairs for iLink and Drop Copy Sessions in the
CME Customer Center.
Secure Logon procedure was implemented inside DropCopy Handler. To provide secure keys to DropCopy Handler please call corresponding
Logon(String, Int32, String, String) or
Logon(String, Int32, String, String, String, String, String) methods.
Also Secure Logon procedure can be used with Scheduler using
CreateLogonMessage(String, String) method.