SIX Swiss Exchange
 ContactContact English  
 
 
 

Technology

Using IBL is subject to a contract between the issuer and the SIX Swiss Exchange.

Each time a user accesses IBL, he or she must authenticate himself or herself with a valid user name and password. Logging in opens a 128-bit SSL connection between the IBL Web server and the client (Microsoft Internet Explorer version 5.5 or higher; no other browsers are supported). This is accomplished by means of a third-party server certificate (VeriSign).

A session ID replaces the user name and password as the authentication device; the session ID is also SSL-encrypted and stored in an HTTP session cookie. No client certificates are used. Session IDs become invalid when the user logs out and after 60 minutes of idle time; the idle timer itself is reset with each query. The system stores passwords only in the form of MD5 digests. The IBL system records user activity and application statuses in an audit trail. IBL does not require the client to have Java or JavaScript installed.

The IBL server is located behind a firewall comprising two proxy servers; this allows it to access the IBL database and the supplementary systems that are required for further processing. The system is ensured against failure and distributed among two separate facilities. An automated system makes sure that defective components do not cause any interruptions in the offered services and that no data is lost.