The Secure Electron Adapter (SEA) targets the need for a completely open source means of developing secure, enterprise-class desktop applications. This technology is the means to host Web technology based (HTML5) applications directly on a computer desktop (versus within a consumer Web browser like Chrome or Edge). Specifically, this contribution offers a means to use Electron in a secured manner, making its use appropriate for the financial institution.
SEA provides a secure alternative to working directly with the Electron API. It acts as a firewall, intermediating API calls within a permission structure that obviates the risk of running third party content in a desktop agent.
It is pure open source, requiring no commercial software, relying exclusively on Electron.
The contribution has been assessed by a third party to be secure and of appropriate architecture to address security considerations generally. In addition to our own work designing a secured Electron, we have implemented or provided vetted, alternative approaches to all recommendations for security provided by the Electron community.
SEA is currently a part of ChartIQ's commercial Finsemble offering. It was developed in 2018 and early 2019 as part of Finsemble's migration off of OpenFin technology due to the wish to run more purely on standard Electron capability. This is a production offering and the basis of current Finsemble client installations. It is our actively maintained product capability and we intend to continue evolving and maintaining it as such.
It is currently not completely isolated in a form we can contribute. We are in discussions regarding the appropriate packaging/isolation of it as a standalone framework appropriate for general consumption.
We do not yet have this contribution in a form that is appropriate for open consumption. This submission is an indication of our intent and we are discussing the steps needed to extract from our commercial offering the capability described here.
We are actively maintaining and evolving this code base. We will continue to do so and we have an entire engineering team contributing. We have not decided how we will structure committers vs contributors from our teams.
We already maintain an active FINOS membership and participate in other programs. We will work to align this contribution with other appropriate programs within FINOS.
That's amazing - thanks for the update. In order to get this done by the Board meeting we should get this done next week. Do you see it still doable?
I also know your team is also connecting with and to talk about a virtual meetup in early May, so it could be a great timing to announce the contribution!
In order to get this done by the Board meeting we should get this done next week.
Makes sense. I have a meeting on Thursday afternoon that should confirm our ability to make that deadline…will be in touch w/ confirmation.
Per today's Board resolution on Program Deprecation FINOS officers can now approve top-level incubating Projects when not fitting in a specific Program.
So I will now proceed approving this contribution, congratulations and thanks for putting it forward!
The code have been transferred and project have been registered in FINOS internal metadata.
Website is public on sea.finos.org - some styling fixes must be applied before sharing it.
I'm aware that and and are talking abour broder promotion plans, ie meetups and blogs, but we suggest sending out an announcement to email@example.com, we've put together a simple template you can follow if you'd like.
Finally, please sign up to firstname.lastname@example.org to be able to follow up on announcement reactions.
Announcement sent out, contribution onboarded. Thanks and congratulations!