2.9.6 Data Integrity for Task-Based Management

Task/command-based WM protocols can use either HTTP or HTTPS as a transport. HTTP provides no protection against eavesdropping, and it is recommended not to be used to transport confidential information.

The Command invocation client and server roles will support secure string encryption, as specified in [MS-PSRP] section, credential encryption, and secure host APIs.

The Windows security model handles security for resources that are accessed by using PSRP and WSMV in a task-based approach. This resource security is applicable between the command execution engine and the managed objects, as described and illustrated in section 2.9.