Control TLS

Represents a process (usually implemented by software running on a Host) that can read, update or create data, or exchange data with other processes.

Transport layer security is implemented by both Client and Service for communication between them. This prevents passive snooping in the network, including gateway devices, but it does not prevent service impersonation attacks. That can be prevented by also using service authentication via a trusted key (e.g. X.509 or equivalent).

Access to service Service is controlled, by authenticating authorised users during the TLS connection against a known public key registered via a trustworthy means such as X509.

Access to a service requires authentication using an asymmetric cryptographic challenge during a TLS connection establishment by Client, based on an X509 or other trusted public key belonging to the authorised user.

Access to a service requires authentication using an asymmetric cryptographic challenge during a TLS connection establishment by Client, based on an X509 or other trusted public key belonging to the authorised user. Here the client Client is acting as a proxy for its host device, so the key is actually installed on CHost.