Difference between revisions of "Notes on HCAI Security"
From SmartWiki
Julia Decker (talk | contribs) |
(No difference)
|
Latest revision as of 16:15, 3 January 2008
1. Requests can only originate from SmartSimple Server and can only be triggered by user.
2. The form data is not posted to external environment directly, instead a ticket with minimal information is sent (for performance consideration as well as security considerations).
3. The form data is encrypted by a private key and transmission is encrypted by SSL.
4. NO privacy data is stored in SmartSimple HCAI gateway server, this server only stores ticket information and responses from HCAI.
5. A snap–shot of data sent to HCAI is always stored locally in the specific instance of SmartSimple for audit purposes.