0

I would like to connect a volttron platform running on a raspberry pi connected to the local network of a building to a second volttron platform running on a virtual personal server.

I know that two volttron platforms can interact with each other using the Volttron Central Management Agent or using the ForwardAgent. However, it is not clear to me what security method is used. Our ICT manager only agrees to set up a connection if the information is exchanged through https.

Could you help me formulating an answer to ICT regarding the security issue? And give me some pratical tips on how to set up the volttron configuration files? I'm not very familiar with network/security technologies. Maybe important to know: the server has a proxy and a reverse-proxy security.

Thx!

Dap
  • 1
  • 1

1 Answers1

0

Your security person is correct. You should only set the platform up in a "real" environment through https. Since you have a proxy, that should be forwarded to the volttron central agent.

internet (443) -> proxy -> http://127.0.0.1:8080

The proxy in this case is on the same machine as the volttron central platform.

This is how we are doing it with apache as our proxy. One could do the same thing with a different web server such as nginx.

Hopefully that helps

If you are indeed trying to connect from a single instance to another instance (e.g. the way the forwarder does). Then the answer is the security is using public/private key pairs with curve mq providing perfect forward security. All traffic between platforms is 100% encrypted and only authorized agents can transmit across the instances bus.

http://curvezmq.org/

Craig
  • 949
  • 1
  • 5
  • 13