Face SDK Security
This documentation provides guidelines to ensure the robustness and safety of your Face SDK implementation.
Securing Network Connections
For secure data transmission, use HTTPS connections:
Authentication of Requests
The Face SDK Web Service does not inherently support authentication and processes all incoming requests without discrimination. To mitigate the risk of unauthorized or malicious usage, it is strongly recommended not to expose the Web Service to public Internet access.
For enhanced security, deploy the Web Service within a closed perimeter, like a Demilitarized Zone (DMZ), and configure a proxy server at the entrance point:
The simplest method to establish secure access is as follows:
1. Set up Basic authentication on the proxy server. This authentication mechanism requires clients to provide valid credentials to access the Web Service.
2. When sending a request to the Web Service, include the appropriate authentication header:
3. The incoming request is authenticated by the proxy server.
4. If the authentication process succeeds, the request is forwarded to the Web Service for processing.
5. If authentication fails, the request is rejected.