User Guide
8
water-protec.com
Live with peace of mind
Connection to the alarm system
Centris Technologies : 1471 Boulevard Lionel-Boulet, bureau 24, Varennes, Qc, Canada J3X 1P7
Web server and data security certification
Here are the elements put in place to maximize the security of the
web application, the communications between the server and the
controllers and the data on the server for the Water-Protec product.
These elements allow the Water-Protec product and web services
to comply with the Personal Information Protection and Electronic
Documents Act (PIPEDA). Authentication (guarantees a user’s
identity)
Logging in to the web application requires user name and password
authentication.
Authentication is performed using a strong password only.
Authorization (based on the authenticated user, validates the access
list)
Users created by default have limited access (standard user).
A standard user only has access to the data of his equipment or
to the data of the equipment of another user who has previously
authorized his access.
Only Water-Protec has the right to give a specific access according
to the configuration of the profile and the group.
Web server security
User passwords are encrypted with hash functions. It is not possible,
even for those who have access to the database, to see anyone’s
password.
SQL Injection Protection: Protects against a malicious user capable
of executing arbitrary SQL code on a database, which can lead to
record deletion or data leakage.
Cross site scripting (XSS) protection: Protects against the majority
of XSS attacks, allowing a user to inject client-side scripts into other
users’ browsers.
SSL / HTTPS: protects against malicious network users to detect
authentication information or any other information transferred
between the client and server to modify data sent back and forth.
Host Header Validation: protects against the use of a false host value
used for cross-site request forgery, cache poisoning attacks and link
poisoning in e-mails.
Cross-site request forgery protection (CSRF): Protects against a
malicious user performing actions using another user’s credentials
without their knowledge or consent.
Attested by
Alarm relay
The alarm relay connects the NO/NC
(Normally Open - Normally Closed) contacts
to the alarm system. It is activated when the
control panel sends a signal to close the valve,
but not by using the remote control.
Low battery relay
The low battery relay connects the contact
to the alarm system. In the event that a low
sensor battery message is received. Two
terminals are also available for normally
open contacts of the home alarm system
and indicate to the control panel that the
alarm system has been armed. The control
panel will shut off the water 2 hours after
these contacts are closed and will reopen
the water when the contacts are opened
again (the 2-hour delay allows for the
completion of the current cycle of the
washing machine or dishwasher).
1 2 3 4 5 6 7
Alarm
in
Alarm
out
Low
Batt
1-2 : Alarm IN
3-4 : Alarm OUT (NO)
4-5 : Alarm OUT (NC)
6-7 : Low battery signal
We recommend that the
system be connected by your
alarm provider
If the alarm system is not in use,
no connections should be made to
these terminals.
