Search

 

Concerns: Vision/Vision Management Site/Vision Database

User: User Management Site, System administrator

Prerequisites

- Installation Futurama Vision Management Site

- Installation Futurama Vision Database

Introduction

Description which data is stored in the Futurama Vision Database.

 

Description

In the Futurama Vision Database data is stored. There are a couple of categories of data that can be stored. Below these categories are described.

Categories

In the Futurama Vision Database (personal) data is stored in order to use this within your application, and in order to use this for analyzing purposes. The next categories are relevant:

  1. Imported data
  2. User account data
  3. Event data
  4. Data stored from a Futurama application

In the chapters below these categories are further described.

Imported data

Description

See Importing data in Futurama for the user data that can be imported into Futurama Vision.

Encrypted

This data can be encrypted, see the paragraph Encryption of data below, and the tutorial page mentioned above for information how to encrypt this data.

User account data

Description

It is possible to create accounts for the users of your application. See also Futurama Accounts Management Site for more information. The next user account is potentially stored:

  • Login: identifier of the person, for example social security number
  • Password: in case the Futurama verification process is used (not an external identity provider)
  • E-mail: the e-mail address of the user. In case in your Futurama application the user can store his e-mail address
  • Question and Answer: can be used in the situation the Futurama verification process is used. This question and answer can be used in the situation that a user has forgot his password. This is optionally to use. If an external identity provider is used the question and answer are not applicable.
  • LastTry and LastVisit: time of respectively the last try to access the application and the last visit  of the application. Both only applicably in the situation the Futurama verification process is used

Encrypted

The password of the user is hashed, email and answer is encrypted. The other data is not encrypted.

Event data

Description

Futurama Vision can be used to analyze the use of the Futurama application by your users. In the Futurama Vision Management Site this can be analyzed. The data that is stored is the time when users has visited your application, and (if applicable) the  account status (see paragraph ‘Account management’).

Encrypted

Event data can be encrypted for Custom events only, the settings are configured at the App level. See the paragraph Encryption of data below for more information.

Data stored from a Futurama application

Description

It is possible to store data from a user. See ‘Storing data from a Futurama application’ for more information.

Encrypted

User data can be encrypted, which is configured at the DataSet level. See the paragraph Encryption of data below for more information.

Encryption of data

Sensitive data can be encrypted, which is configurable at two levels:

  1. at the App level (menu:Management>Manage Domain Tables, more info on Futurama Admin page)
  2. at the Dataset level (menu:Management>Manage Datastore Data, more info on Storing data page).

Both levels have the same configuration process.

1. In the App or DataSet, a checkbox must be checked, indicating that all data depending on this checkbox will be encrypted.

2. You should also provide one keys name. (Vision will then use a unique aspect of the data itself as 2nd encryption key, which leads to more secure encryption)

To be able to save this configuration, the entered key name should be present in the appSettings section of the Vision management site's configuration file (web.config). Below is an example of an encryption key stored in location "keyname1".

<appSettings>
    <add key="keyname1" value="X3gDd8c?"/>
</appSettings>

Be aware that once an encryption level (App/DataSet) contains data, encryption settings cannot be changed.

The following table shows the dependencies between the encryption level, data, and key/salt combination used to encrypt this data.

Encryption level

Encrypted data

Key/Salt

Account_ProductGroup

Account_person.email
Account_person.answer

key1/

Account_person.login

App

PolicyXml

key1/Policy.internalId

 

Custom Events

key1/Person.identifier

DataSet

Dataitem.Xml

key1/DataItem.salt

 

Encryption Key Mangement

Before 18.06 encryption keys are configured as appsettings is in web.config, and the key name is simply typed in the Apps/DataSets/AccountProductGroup screens. From 18.06, key names are made more manageable by storing them in a separate table called Encryption Methods. The Encryption Method key name is still configured as appsettings in web.config.

To manage Encryption Methods, open the menu Management > Encryption Methods. You can insert a new Encryption Method, or delete existing ones. Edit is deliberately not supported.

Click Add new record to insert a new Encryption Method. This opens a screen where you can insert key names. Key names cannot be empty should already be configured as appsetting in the web.config.

Click the cross to delete an existing Encryption Method. You can only delete Encryption Methods that are not in use.

From 18.06, choosing an encryption key in Apps/DataSets/AccountProductGroups is achieved by choosing it from a dropdown that is linked to the Encryption method table.

Decryption of encrypted data

Decryption of data is handled automatically in the Vision Management site. Encrypted Xml can also be manually decrypted using the DecryptXml formula, and the correct keys/salt combination.

Changed behavior encryption

Before Futurama version 18.04 it was optional to use a unique salt value for encrypting policy XML data. Alternative was to use two passwords to encrypt the data. These same two passwords were used for each item to encrypt.

From version 18.04 two keys isn’t supported anymore. If you choose to encrypt the data, it has to be encrypted with one key, and a item-specific salt value. This applies to all levels of encryption, see table above.

Related Topics

- EncryptXML: Futurama formula to encrypt XML by using the Rijndael Encryption method

Feedback

If you have any questions about this subject or if you want to provide us feedback please send us an e-mail.

Updated: 2018-03-07