This document aims at explaining the Ephesoft Encryption framework. This framework enables Ephesoft to encrypt/decrypt the data persisted in XML files and index files while batch processing. In order to achieve encryption/decryption capabilities Ephesoft maintain encryption/decryption keys at following levels:
- Application Level Key
- Batch Class Level Key
- Batch Instance Level Key
- Fuzzy Index
- Lucene Index Key
- Test KV Key
- Test Classification Key
- Test-Advance KV Key
- Test-Table Key
Ephesoft Encryption Framework
Ephesoft Encryption framework enables Ephesoft to secure data from any unauthorized access.
- Every Application is identified by a unique Key.
- All the data persisted in HOCR.xml, Batch.xml and index files etc. is stored on disk in encrypted form to avoid any unauthorized access of critical data while processing.
- All the learned samples and learned index files are re-generated whenever there is a change in encryption algorithm.
- Any change in Batch Class Key without changing the encryption algorithm does not affect the learned files and thus they are not regenerated in such case.
- Batch Class can be imported using the existing Keys as well as by generating the new key from UI.
- Only authorized user will be able to decrypt the encrypted Batch.xml file using web service API. An authorized user is one who belongs to the groups/roles assigned to the batch class on which batches are processed.
- No Batch can be decrypted on an application other than the application on which it was processed.
- Only a super admin can change the encryption key of a batch class.
- Application Key should be generated before applying the encryption algorithm on a batch class.
- The user needs to make a change in the Scripting plugin for the plugin execution.