The gateways uses two built-in security mechanisms to control access to ECMWF:

The ECaccess certificate is a standard X509 digital certificate saved on the user's computer as a file. It identifies a user to the gateway. The ECaccess Certification Authority (ECCA) signs each certificate. Therefore, when a user provides his certificate to the gateway, its signature is checked using the ECCA public key for verification. A certificate can be created:

The ECaccess certificate is valid for 7 days for all services.