{"id":31915,"date":"2014-10-21T18:36:53","date_gmt":"2014-10-22T02:36:53","guid":{"rendered":"https:\/\/ephesoft.com\/docs\/2019-1-2\/batch-class-management\/ephesoft-encryption-framework\/"},"modified":"2020-10-05T16:41:14","modified_gmt":"2020-10-05T23:41:14","slug":"ephesoft-encryption-framework","status":"publish","type":"docs","link":"https:\/\/ephesoft.com\/docs\/products\/transact\/features-and-functions\/administrator\/batch-class-management\/ephesoft-encryption-framework\/","title":{"rendered":"Ephesoft Encryption Framework"},"content":{"rendered":"
\n

This document aims at explaining the Ephesoft Encryption framework. This framework enables Ephesoft to encrypt\/decrypt the data persisted in XML files and index files while batch processing. \u00a0In order to achieve encryption\/decryption capabilities Ephesoft maintain encryption\/decryption keys at following levels:<\/span><\/p>\n<\/header>\n

\n
\n
\n
    \n
  1. Application Level Key<\/li>\n
  2. Batch Class Level Key<\/li>\n
  3. Batch Instance Level Key<\/li>\n
  4. Fuzzy Index<\/li>\n
  5. Lucene Index Key<\/li>\n
  6. Test KV Key<\/li>\n
  7. Test Classification Key<\/li>\n
  8. Test-Advance KV Key<\/li>\n
  9. Test-Table Key<\/li>\n<\/ol>\n

    Ephesoft Encryption Framework<\/h2>\n

    Purpose<\/span><\/h3>\n

    Ephesoft Encryption framework enables Ephesoft to secure data from any unauthorized access.<\/p>\n

    Key Features<\/h3>\n
      \n
    1. Every Application is identified by a unique Key.<\/li>\n
    2. All the data persisted in HOCR.xml, Batch.xml and index files etc. is stored on disk in encrypted form to avoid any unauthorized access of critical data while processing.<\/li>\n
    3. All the learned samples and learned index files are re-generated whenever there is a change in encryption algorithm.<\/li>\n
    4. Any change in Batch Class Key without changing the encryption algorithm does not affect the learned files and thus they are not regenerated in such case.<\/li>\n
    5. Batch Class can be imported using the existing Keys as well as by generating the new key from UI.<\/li>\n
    6. Only authorized user will be able to decrypt the encrypted Batch.xml file using web service API. An authorized user is one who belongs to the groups\/roles assigned to the batch class on which batches are processed.<\/li>\n
    7. No Batch can be decrypted on an application other than the application on which it was processed.<\/li>\n
    8. Only a super admin can change the encryption key of a batch class.<\/li>\n<\/ol>\n

      Assumptions<\/h3>\n
        \n
      1. Application Key should be generated before applying the encryption algorithm on a batch class.<\/li>\n
      2. The user needs to make a change in the Scripting plugin for the plugin execution.<\/li>\n<\/ol>\n<\/div>\n<\/div>\n<\/div>\n

        Hashing Algorithm<\/span><\/h3>\n

        Keys are generated using Hashing algorithm on the data available for generating Keys.<\/p>\n\n\n\n\n\n
        Key Length<\/b><\/i><\/td>\nHashing Algorithm<\/b><\/td>\n<\/tr>\n
        128<\/td>\nMD5<\/td>\n<\/tr>\n
        256<\/td>\nSHA-256<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n

         <\/p>\n

        \n

        <\/a><\/p>\n

        Encryption Algorithm<\/span><\/h3>\n

        AES algorithm is backbone of Ephesoft Encryption framework and it is used to encrypt and decrypt the data. Super admin has flexibility to choose between AES-128 \/ AES-256 bit algorithm. Ephesoft employs \u201cAES-256\u201d <\/strong>cipher which is a NSA Type 1 approved algorithm <\/strong>(suitable for classified national security information)\u201d<\/p>\n

        \n

        <\/a><\/p>\n

        Application Level Key- The Crux of Encryption<\/h3>\n

        Application level key concept is very similar to a digital signature or a digital certificate which uniquely identifies an application\/entity\/organization\/individual. Application level key in Ephesoft identifies an application belonging to a customer uniquely.<\/p>\n

        The Key (identity) provided for application key is used as a secure password for all the key stores generated through-out the process i.e. application level key is responsible for validating that the keys\/key-stores being used throughout application at different stages belongs to a particular application (key\/key-stores belonging to a particular application will not work on any other unauthorized application).<\/p>\n

        This key will also be responsible for authentication during the Batch XML decryption, which will not allow the Batch XML to decrypt outside the authorized application (unauthorized applications will not be able to decrypt Batch XML belonging to some other application).<\/p>\n

        \n

        <\/a><\/p>\n

        \u00a0Levels of Secret Keys<\/h3>\n\n\n\n\n\n\n\n\n\n\n\n\n
        Level<\/b><\/td>\nLocation<\/b><\/td>\nMechanism<\/b><\/td>\nKey Length<\/b><\/td>\n<\/tr>\n
        Application<\/b><\/td>\n<Shared-Folders>\/ephesoft-key-store-file\/ephesoft.keystore<\/td>\nCan be generated only once from UI.<\/td>\n128<\/td>\n<\/tr>\n
        Batch Class<\/b><\/td>\n<Batch-Class-folder>\/ephesoft-key-store-file\/ephesoft.keystore<\/td>\nConfigurable from UI.<\/td>\n128\/256<\/td>\n<\/tr>\n
        Batch Instance<\/b><\/td>\n<ephesoft-system-folder>\/<Batch-Instance-ID-Folder>\/ephesoft-key-store-file\/ephesoft.keystore<\/td>\nGenerated dynamically using Application Level Key and Batch Class Key.<\/td>\nLength of Batch Class Key.<\/td>\n<\/tr>\n
        Fuzzy-DB Index<\/b><\/td>\n<Batch-Class-Folder>\/<fuzzy-index-folder>\/ephesoft-key-store-file\/ephesoft.keystore<\/td>\nGenerated dynamically using Application Level Key and Batch Class Key.<\/td>\nLength of Batch Class Key.<\/td>\n<\/tr>\n
        Lucene Key<\/b><\/td>\n<Batch-Class-Folder>\/<lucene-search-classification-sample>\/ephesoft-key-store-file\/ephesoft.keystore<\/td>\nGenerated dynamically using Application Level Key and Batch Class Key.<\/td>\nLength of Batch Class Key.<\/td>\n<\/tr>\n
        Test KV<\/b><\/td>\n<Batch-Class-Folder>\/<test-KV-Folder >\/ephesoft-key-store-file\/ephesoft.keystore<\/td>\nGenerated dynamically using Application Level Key and Batch Class Key.<\/td>\nLength of Batch Class Key.<\/td>\n<\/tr>\n
        Test Advance KV<\/b><\/td>\n<Batch-Class-Folder>\/<test-Advance-KV-Folder>\/ephesoft-key-store-file\/ephesoft.keystore<\/td>\nGenerated dynamically using Application Level Key and Batch Class Key.<\/td>\nLength of Batch Class Key.<\/td>\n<\/tr>\n
        Test Classification<\/b><\/td>\n<Batch-Class-Folder>\/<test-Content-Classification-Folder>\/ephesoft-key-store-file\/ephesoft.keystore<\/td>\nGenerated dynamically using Application Level Key and Batch Class Key.<\/td>\nLength of Batch Class Key.<\/td>\n<\/tr>\n
        Test Table<\/b><\/td>\n<Batch-Class-Folder>\/<test-table >\/ephesoft-key-store-file\/ephesoft.keystore<\/td>\nGenerated dynamically using Application Level Key and Batch Class Key.<\/td>\nLength of Batch Class Key.<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n

         <\/p>\n

        \n

        <\/a><\/p>\n

        Error Messages<\/span><\/h3>\n\n\n\n\n\n
        Example Error Messages:<\/b><\/td>\nProbable Cause:<\/b><\/td>\n<\/tr>\n
        Key store file doesn\u2019t exist.<\/i><\/strong><\/td>\nAny of key required for encryption\/decryption doesn’t exist.<\/td>\n<\/tr>\n
        Keys required for generating the dynamic key\u00a0doesn’t\u00a0exist<\/b><\/td>\nAny of the application key\/ Batch Class Key required for generating the dynamic key doesn’t exist.<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n

         <\/p>\n

        \n

        <\/a><\/p>\n

        Backup and Recovery<\/span><\/h3>\n
          \n
        1. To recover the data in case application key is lost. It is recommended that user should store the application key file in a secure storage device.<\/li>\n
        2. It is also recommended to secure the Key-Store file unique password (key_password) from encryption_key_metdata table from the DB.<\/li>\n<\/ol>\n","protected":false},"featured_media":0,"parent":31881,"menu_order":3,"comment_status":"closed","ping_status":"open","template":"","doc_tag":[],"yoast_head":"\nEphesoft Encryption Framework | Ephesoft Docs<\/title>\n<meta name=\"robots\" content=\"noindex, follow\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Ephesoft Encryption Framework\" \/>\n<meta property=\"og:description\" content=\"This document aims at explaining the Ephesoft Encryption framework. This framework enables Ephesoft to encrypt\/decrypt the data persisted in XML […]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/ephesoft.com\/docs\/products\/transact\/features-and-functions\/administrator\/batch-class-management\/ephesoft-encryption-framework\/\" \/>\n<meta property=\"og:site_name\" content=\"Ephesoft Docs\" \/>\n<meta property=\"article:modified_time\" content=\"2020-10-05T23:41:14+00:00\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/ephesoft.com\/docs\/products\/transact\/features-and-functions\/administrator\/batch-class-management\/ephesoft-encryption-framework\/\",\"url\":\"https:\/\/ephesoft.com\/docs\/products\/transact\/features-and-functions\/administrator\/batch-class-management\/ephesoft-encryption-framework\/\",\"name\":\"Ephesoft Encryption Framework | Ephesoft Docs\",\"isPartOf\":{\"@id\":\"https:\/\/ephesoft.com\/docs\/#website\"},\"datePublished\":\"2014-10-22T02:36:53+00:00\",\"dateModified\":\"2020-10-05T23:41:14+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/ephesoft.com\/docs\/products\/transact\/features-and-functions\/administrator\/batch-class-management\/ephesoft-encryption-framework\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/ephesoft.com\/docs\/products\/transact\/features-and-functions\/administrator\/batch-class-management\/ephesoft-encryption-framework\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/ephesoft.com\/docs\/products\/transact\/features-and-functions\/administrator\/batch-class-management\/ephesoft-encryption-framework\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/ephesoft.com\/docs\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Transact\",\"item\":\"https:\/\/ephesoft.com\/docs\/products\/transact\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Features and Functions\",\"item\":\"https:\/\/ephesoft.com\/docs\/products\/transact\/features-and-functions\/\"},{\"@type\":\"ListItem\",\"position\":4,\"name\":\"Administrator Role and Features\",\"item\":\"https:\/\/ephesoft.com\/docs\/products\/transact\/features-and-functions\/administrator\/\"},{\"@type\":\"ListItem\",\"position\":5,\"name\":\"Batch Class Management\",\"item\":\"https:\/\/ephesoft.com\/docs\/products\/transact\/features-and-functions\/administrator\/batch-class-management\/\"},{\"@type\":\"ListItem\",\"position\":6,\"name\":\"Ephesoft Encryption Framework\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/ephesoft.com\/docs\/#website\",\"url\":\"https:\/\/ephesoft.com\/docs\/\",\"name\":\"Ephesoft Docs\",\"description\":\"Intelligent Document Processing Made Easy\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/ephesoft.com\/docs\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Ephesoft Encryption Framework | Ephesoft Docs","robots":{"index":"noindex","follow":"follow"},"og_locale":"en_US","og_type":"article","og_title":"Ephesoft Encryption Framework","og_description":"This document aims at explaining the Ephesoft Encryption framework. This framework enables Ephesoft to encrypt\/decrypt the data persisted in XML […]","og_url":"https:\/\/ephesoft.com\/docs\/products\/transact\/features-and-functions\/administrator\/batch-class-management\/ephesoft-encryption-framework\/","og_site_name":"Ephesoft Docs","article_modified_time":"2020-10-05T23:41:14+00:00","twitter_card":"summary_large_image","twitter_misc":{"Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/ephesoft.com\/docs\/products\/transact\/features-and-functions\/administrator\/batch-class-management\/ephesoft-encryption-framework\/","url":"https:\/\/ephesoft.com\/docs\/products\/transact\/features-and-functions\/administrator\/batch-class-management\/ephesoft-encryption-framework\/","name":"Ephesoft Encryption Framework | Ephesoft Docs","isPartOf":{"@id":"https:\/\/ephesoft.com\/docs\/#website"},"datePublished":"2014-10-22T02:36:53+00:00","dateModified":"2020-10-05T23:41:14+00:00","breadcrumb":{"@id":"https:\/\/ephesoft.com\/docs\/products\/transact\/features-and-functions\/administrator\/batch-class-management\/ephesoft-encryption-framework\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/ephesoft.com\/docs\/products\/transact\/features-and-functions\/administrator\/batch-class-management\/ephesoft-encryption-framework\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/ephesoft.com\/docs\/products\/transact\/features-and-functions\/administrator\/batch-class-management\/ephesoft-encryption-framework\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/ephesoft.com\/docs\/"},{"@type":"ListItem","position":2,"name":"Transact","item":"https:\/\/ephesoft.com\/docs\/products\/transact\/"},{"@type":"ListItem","position":3,"name":"Features and Functions","item":"https:\/\/ephesoft.com\/docs\/products\/transact\/features-and-functions\/"},{"@type":"ListItem","position":4,"name":"Administrator Role and Features","item":"https:\/\/ephesoft.com\/docs\/products\/transact\/features-and-functions\/administrator\/"},{"@type":"ListItem","position":5,"name":"Batch Class Management","item":"https:\/\/ephesoft.com\/docs\/products\/transact\/features-and-functions\/administrator\/batch-class-management\/"},{"@type":"ListItem","position":6,"name":"Ephesoft Encryption Framework"}]},{"@type":"WebSite","@id":"https:\/\/ephesoft.com\/docs\/#website","url":"https:\/\/ephesoft.com\/docs\/","name":"Ephesoft Docs","description":"Intelligent Document Processing Made Easy","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/ephesoft.com\/docs\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"}]}},"comment_count":0,"_links":{"self":[{"href":"https:\/\/ephesoft.com\/docs\/wp-json\/wp\/v2\/docs\/31915"}],"collection":[{"href":"https:\/\/ephesoft.com\/docs\/wp-json\/wp\/v2\/docs"}],"about":[{"href":"https:\/\/ephesoft.com\/docs\/wp-json\/wp\/v2\/types\/docs"}],"replies":[{"embeddable":true,"href":"https:\/\/ephesoft.com\/docs\/wp-json\/wp\/v2\/comments?post=31915"}],"version-history":[{"count":0,"href":"https:\/\/ephesoft.com\/docs\/wp-json\/wp\/v2\/docs\/31915\/revisions"}],"up":[{"embeddable":true,"href":"https:\/\/ephesoft.com\/docs\/wp-json\/wp\/v2\/docs\/31881"}],"next":[{"title":"Index Fields","link":"https:\/\/ephesoft.com\/docs\/products\/transact\/features-and-functions\/administrator\/batch-class-management\/index-fields-4050\/","href":"https:\/\/ephesoft.com\/docs\/wp-json\/wp\/v2\/docs\/31894"}],"prev":[{"title":"Document Types","link":"https:\/\/ephesoft.com\/docs\/products\/transact\/features-and-functions\/administrator\/batch-class-management\/document-types\/","href":"https:\/\/ephesoft.com\/docs\/wp-json\/wp\/v2\/docs\/47115"}],"wp:attachment":[{"href":"https:\/\/ephesoft.com\/docs\/wp-json\/wp\/v2\/media?parent=31915"}],"wp:term":[{"taxonomy":"doc_tag","embeddable":true,"href":"https:\/\/ephesoft.com\/docs\/wp-json\/wp\/v2\/doc_tag?post=31915"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}