Notes on HCAI Security

From SmartWiki
Jump to: navigation, search

1. Requests can only originate from SmartSimple Server and can only be triggered by user.

2. The form data is not posted to external environment directly, instead a ticket with minimal information is sent (for performance consideration as well as security considerations).

3. The form data is encrypted by a private key and transmission is encrypted by SSL.

4. NO privacy data is stored in SmartSimple HCAI gateway server, this server only stores ticket information and responses from HCAI.

5. A snap–shot of data sent to HCAI is always stored locally in the specific instance of SmartSimple for audit purposes.