MEP server security features include the following:
TLS/HTTPS is used to provide authentication and encryption between the device and the Gateway Engine. The OMA DS protocol requires support for basic authentication and for verification of data integrity using a message digest created with MD5. The use of transport layer security (HTTPS) is assumed.
In a two-tier MEP installation, TLS/HTTPS is used for communication between the Web Service connector and the Web Service endpoint.
The Gateway Engine incorporates an Application Server realm for user authentication. The default configuration uses a JDBC realm.