Encryption
Blue Prism Interact uses the following encryption methods:
| Algorithm | Description |
|---|---|
| Traffic encryption | Enable HTTPS-only communication for production. Customers must provide TLS certificates for all web applications, and all communication channels must be secured. For more information about configuring certificates, see the web server. |
| Data protection | The Hub installer generates a PFX certificate and saves it to Trusted Root Certificate Authorities. All applications use it to encrypt sensitive data, such as connection strings in the appsettings.json file. Data protection uses the following default algorithms: The key size is 2048 bit. |
| JWT token signing | The Hub installer generates a PFX certificate and saves it to Trusted Root Certificate Authorities. The Identity Server uses it to encrypt the JWT token and to validate the license file. The JWT token is encrypted by the RSA-SHA-256 algorithm and the key size is 2048 bit. |
| Identity Management Server (IMS) | This is the authorization server - users log in via the The |
| Password Storage | The AspNetIdentity library is used for password hashing and uses the following algorithms: |
The license key is encrypted by the RSA-SHA-512 algorithm.
Database encryption can be provided by the Microsoft encryption mechanism (Transparent Data Encryption - TDE) but must be manually implemented on each database. For more info see: docs.microsoft.com.
TLS defaults to the host operating system configuration for both TCP and HTTP communications, selecting the best security protocol and version. Available protocols and ciphers are managed by the end user or automatically handled through Microsoft security updates.
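
To check the installer-generated certificates described in the Data protection and JWT token signing rows, the following PowerShell (an added example, not Blue Prism's own tooling) lists every certificate in the machine's Trusted Root store that carries a private key, as an installed PFX does, and flags RSA keys under 2048 bits, SHA-1/MD5 signatures and expiry. The function name, the 30-day expiry window and the filter on private-key presence are assumptions made for this example.

```powershell
# Added example: audit certificates in the LocalMachine Trusted Root store
# that carry a private key (an installed PFX brings its private key with it).
# Assumption: 2048 bits is the minimum, matching the key size stated above.
$MinRsaBits = 2048

function Get-RootStoreKeyAudit {   # hypothetical helper name
    param([string]$StorePath = 'Cert:\LocalMachine\Root')

    Get-ChildItem -Path $StorePath |
        Where-Object { $_.HasPrivateKey } |
        ForEach-Object {
            # Returns $null when the certificate's public key is not RSA.
            $rsa  = [System.Security.Cryptography.X509Certificates.RSACertificateExtensions]::GetRSAPublicKey($_)
            $bits = if ($rsa) { $rsa.KeySize } else { $null }

            $findings = @()
            if (-not $rsa) {
                $findings += 'not an RSA key'
            } elseif ($bits -lt $MinRsaBits) {
                $findings += "RSA key below $MinRsaBits bits"
            }
            if ($_.SignatureAlgorithm.FriendlyName -match 'sha1|md5') {
                $findings += 'weak signature hash'
            }
            if ($_.NotAfter -lt (Get-Date)) {
                $findings += 'expired'
            } elseif ($_.NotAfter -lt (Get-Date).AddDays(30)) {
                $findings += 'expires within 30 days'   # assumed warning window
            }

            [pscustomobject]@{
                Subject            = $_.Subject
                Thumbprint         = $_.Thumbprint
                KeyBits            = $bits
                SignatureAlgorithm = $_.SignatureAlgorithm.FriendlyName
                NotAfter           = $_.NotAfter
                Findings           = ($findings -join '; ')
            }
        }
}

# Run from an elevated session on the Hub / Interact web server.
Get-RootStoreKeyAudit | Sort-Object NotAfter | Format-Table -AutoSize
```

An empty Findings column means the certificate meets the checks; any root-store certificate with a private key that you cannot attribute to the installer deserves a closer look.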