Security
Zenoh security is layered, but only part of it is standardized by the base wire protocol. Transport confidentiality and peer authentication depend primarily on the selected link protocol, while session authentication and access control are negotiated or enforced by implementations above the raw message syntax.
Layers
| Layer | Mechanism |
|---|---|
Transport security |
Provided by the selected underlying link protocol when that protocol supports it (for example TLS over TCP or QUIC with TLS 1.3). The Zenoh wire protocol does not add its own encryption or signature layer on top of an insecure link. See Links. |
Session authentication |
The |
Access control |
Access-control policy is enforced locally by each node and is configured out of band. The base wire protocol does not define a portable ACL syntax or policy-distribution mechanism. See Access Control. |
Security Properties
This specification supports the following security properties when the deployment enables the corresponding mechanisms:
- Confidentiality
-
Provided by secure transport links such as TLS- or QUIC-based locators, not by bare TCP or UDP alone.
- Integrity
-
Provided by the underlying secure transport and by strict message decoding/validation.
- Authenticity
-
Peers may be authenticated by the transport layer, by the session-layer
Authexchange, or by both. - Authorisation
-
Operations on key expressions may be allowed or denied by local policy.
See Threat Model for the threats this model is designed to address.