/bcp-003

AMWA BCP-003 Security recommendations for NMOS APIs

Primary LanguageShellApache License 2.0Apache-2.0

AMWA BCP-003 NMOS API Security Recommendations

Lint Status Render Status

What do the recommendations do?

  • Document best practice and recommendations for securing AMWA NMOS APIs.

Why do they matter?

  • A secure control plane is essential.
  • These recommendations allow interoperability using widely adopted open technologies.

What are the recommendations?

  • BCP-003-01 recommends securing API communication using TLS 1.2 or better.
  • BCP-003-02 recommends using OAuth 2.0 authorisation using JWT.
    • IS-10 details how to do this.
  • BCP-003-03 recommends using Enrollment over Secure Transport for certificate provisioning.
  • INFO-002 provides guidance for implementers.

Getting started

There is more information about the NMOS Specifications and their GitHub repos at https://specs.amwa.tv/nmos.