Notes on HCAI Security
From SmartWiki
Revision as of 15:15, 3 January 2008 by Julia Decker (talk | contribs)
1. Requests can only originate from SmartSimple Server and can only be triggered by user.
2. The form data is not posted to external environment directly, instead a ticket with minimal information is sent (for performance consideration as well as security considerations).
3. The form data is encrypted by a private key and transmission is encrypted by SSL.
4. NO privacy data is stored in SmartSimple HCAI gateway server, this server only stores ticket information and responses from HCAI.
5. A snap–shot of data sent to HCAI is always stored locally in the specific instance of SmartSimple for audit purposes.