Contact Us
Forum
Log In
Register

About
Community
Guidelines
Standards
Resources
Events
Membership
News

Cybersecurity Working Group – FIX Authentication (FIXA) Subgroup

Private Group Active 1 year, 6 months ago

The FIX Authentication (FIXA) Subgroup is working to standardise and propose best practice for how firms are authenticated as part of the FIX session protocols. This is independent of using TLS (the Internet Transport Layer Security protocol) and FIXS (FTC’s FIX-over-TLS standard). However, the output will also provide an essential part of FIXS.Our scope is currently to standardise authentication across the FIX4, FIXT and FIXP session protocols, and we are additionally considering WebSockets. The idea is to leverage HTTP Authentication and provide a standard framework across the FIX session protocols to allow us to embed or map HTTP Authentication. We can then use various HTTP Authentication schemes which we intend to shortlist or add to as necessary.We are ultimately looking to make it easier for firms to communicate securely. We intend on doing this by improving standardisation and extensibility, using proven and generally accepted methods, and by deprecating out-of-date methods. The FIXA workstream is part of the FIX Cybersecurity Working Group and its focus is just one security control area from the many controls which the Cybersecurity Working Group is considering.Co-chairs:Charles Kilkenny, ActuareNeil Horlock

Home

This is a private group. To join you must be a registered site member and request group membership.

FIX Protocol Ltd © | All Rights Reserved

Contact Us
Privacy Policy
Terms and Conditions
Advertising
Sitemap

Privacy Policy /

Manage Consent

To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.

Functional Functional Always active

The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.

Preferences Preferences

The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.

Statistics Statistics

The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.

Marketing Marketing

The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.

Manage options Manage services Manage {vendor_count} vendors Read more about these purposes

View preferences

{title} {title} {title}