Technical blog

You'll find below a list of technical articles and white papers, sorted by date.

Featured

How to protect sensitive data inside Convertigo?

Fabien Balageas
Posted by Fabien Balageas
Fabien Balageas
Convertigo CTO
User is currently offline
on Thursday, 20 October 2011 in Convertigo

In this article, Fabien Balageas explains how to hide sensitive data within Convertigo. Sensitive data can appear in Convertigo projects files, in Convertigo logs, in the test platform, in studio user interface... How to prevent Convertigo to display or store "in clear" these data?

Sometimes, you have to put some sensitive data in Convertigo objects, such as passwords. This is specially true when you have to handle test cases in which you put credentials.

Since C-EMS 5.5.0, Convertigo provides you the way to hide them and protect your data.

I would say there are two families of protection: user interface protection and data storage protection. Indeed, sensitive data can be seen in:

  • studio user interface
  • platform user interface (aka test platform)
  • web administration console
  • log files
  • project's XML definition files

The first three ones belong to the user interface protection family, and and the last two ones belong to the data storage protection family.

Convertigo helps you to protect your sensitive data for both families.

Use case

Create a transaction called Login, containing two variables (parameters) called username and password.
Then create a test case based on this variables set.

If you select the password variable of your test case, you will find a property named Visibility. Edit this property.

You then will be able to mask the value of your password in log files, in studio user interface, in test platform and in project's XML definition files.

If you check one (or more) of these options, then your password data will be masked (for display purposes such as the studio and the test platform) or ciphered (such as in log files and project's XML files) with a high level of encryption before being written to files.

For highest level of protection, select all protection options.

The Visibility property is also available for default values of transactions/sequences variables.

In the Convertigo Studio :

On test platform of Convertigo Studio :

Conclusion

You are now able to protect any sensitive data inside your Convertigo solution, whether you are concerned with the user interface protection or the data storage protection.
Tags: Untagged

Comments

Please login first in order for you to submit comments

btn developerNetwork_home

If you are a developer, an architect and more generally someone looking for technical information about our Mobile Enterprise Application Platform, Composite Applications and Convertigo, this is the right place for you.

 btn downloadC8O_home

Get Convertigo Studio for Windows. This is our Eclipse based development tool for our Mobile Application Development Platform. You can get also Convertigo Servers for Windows and Linux directly on sourceforge

 btn documentation_home

Find our official documentations for Convertigo Mobile Application Development Platform and and Mobile Server, including the Reference Manual, the Programming Guide, and the Installation Guide, in both HTML and PDF formats.