Overview - Security

Under revision

Security in daVinci

Security was one of the major issues for the daVinci developers to solve.
Today, an application that exchanges sensitive information through the Internet without a very high level of security cannot be taken seriously.
daVinci has successfully accomplished this task by adopting different encryption algorithms for different purposes, and by giving daVinci users the possibility to protect every single piece of information with their own passwords.

Encryption Methods

daVinci uses three different encryption methods, depending on the kind of data to be encrypted:

1. Random Text Encryption
   A sophisticated encryption algorithm, developed by Carso Data exclusively for daVinci, that always generates different results from the same source.
   The output consists of pure text (only letters and digits: A..Z, a..z and 0..9), which makes it easy for daVinci to process.
   The encrypted text is always much larger than the original (up to 5 times), so this algorithm is only used to encrypt passwords and short texts, usually stored in variables.
   Random Text Encryption always uses the Main Security Password (defined during installation) when encrypting and decrypting strings.

2. Zip Encryption
   Encryption used during compression of files and folders, compatible with the standard ZIP algorithm.

3. MD5 128-bit Hash Encryption
   State-of-the-art encryption for maximum security.
   It is used to encrypt:
   - any kind of data and document files,
   - all information exchanged during Remote Control.

Note: The MD5 and ZIP encryption methods can be combined when encrypting data files (first MD5 encryption and then ZIP compression, using the same or different passwords). This gives an even higher level of protection and also makes the files more suitable for the Internet (smaller size).

The Main Security Password

During installation the user is asked to enter the Main Security Password, a password that daVinci uses in a number of different ways to ensure a high level of security in all critical exchanges of information between the different daVinci applications, and between daVinci and other applications using the same encryption methods.
The Main Security Password, which can be up to 50 characters long, is used in:
- Password protection
- Text encryption
- File encryption
- Remote control
Different daVinci owners can protect their own information by keeping their security passwords secret, but they can also choose to share encrypted information with each other by using the same security password.

Password Protection

When passwords are used in script statements, for example when accessing FTP accounts or encrypting files, they can be written as they are or in encrypted format.
To keep unauthorized eyes from seeing your passwords while you are working with scripts, we strongly recommend that you only use encrypted passwords in your code.
Passwords are always encrypted using Random Text Encryption in combination with the Main Security Password.

File Encryption

Files containing sensitive information that are to be moved across the Internet should always be protected by a solid encryption method.
daVinci offers the possibility to encrypt all such files by means of the MD5 128-bit hash encryption algorithm, in combination with either the Main Security Password or any other user-defined password (up to 50 characters long).
The MD5 encryption can also be combined, in the same statement, with the compression encryption (see below).

File Compression

When files are compressed they can be encoded using a user-defined password. This method follows the ZIP standard, so files and folders compressed and encrypted this way can be opened by any other ZIP application.
The ZIP encryption can also be combined, in the same statement, with the MD5 128-bit hash encryption (see above).
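
An added example (not part of the original page and not daVinci code): a Python audit of what an archive in the standard ZIP format shows to anyone who holds it, without the password. Entry names and sizes are read from the central directory, and each entry's flags tell whether and how it is protected; the sample archive and its file names are constructed, with the encryption flag set by hand on the first entry.

```python
import io
import struct
import zipfile


def build_sample_archive() -> bytes:
    """Constructed sample: two stored entries; the first is then marked as
    password-protected by setting bit 0 of its general-purpose flags."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_STORED) as zf:
        zf.writestr("payroll/2010-04.csv", "constructed sample data\n")
        zf.writestr("readme.txt", "constructed sample data\n")
    data = bytearray(buf.getvalue())
    # The end-of-central-directory record is the last 22 bytes (no comment);
    # the field at offset 16 holds the start of the central directory.
    cd_start = struct.unpack_from("<I", data, len(data) - 22 + 16)[0]
    data[cd_start + 8] |= 0x01  # flags of the first central directory entry
    data[6] |= 0x01             # same flag in the first local file header
    return bytes(data)


def protection_of(info: zipfile.ZipInfo) -> str:
    """Classify an entry from its header fields alone."""
    if not info.flag_bits & 0x01:      # bit 0: entry data is encrypted
        return "none"
    if info.flag_bits & 0x40:          # bit 6: PKWARE strong encryption
        return "PKWARE strong encryption"
    if info.compress_type == 99:       # method 99: WinZip AES container
        return "WinZip AES"
    return "traditional ZIP password"


def audit_archive(raw: bytes) -> list[tuple[str, int, str]]:
    """Return (name, uncompressed size, protection) for every entry.
    No password is supplied: only the central directory is read."""
    with zipfile.ZipFile(io.BytesIO(raw)) as zf:
        return [(i.filename, i.file_size, protection_of(i))
                for i in zf.infolist()]


if __name__ == "__main__":
    for name, size, protection in audit_archive(build_sample_archive()):
        print(f"{name:24} {size:6} bytes  {protection}")
```

Run against a real archive's bytes, the report shows which entries carry no password at all and that file names are listed in clear even for the protected ones.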

Security in Remote Control

All scripts that are exchanged between the units involved in Remote Control operations are encrypted using the MD5 128-bit hash encryption algorithm, combined with the Main Security Password. This way there is no risk that other daVinci owners interfere (accidentally or intentionally) with your system.
In addition, the CGI application daVinciSrv can be freely renamed by the daVinci owner when it is installed on the server side, which makes it even harder for hackers to break in.
For instance the CGI URL, instead of: "www.mysite.com/cgi-bin/daVinciSrv.exe?...",
could be: "www.mysite.com/davinci-bin/dvc.exe?...",
or: "www.mysite.com/xxx/yyy/zzz.exe?..."
etc.

The Main Security Password is defined when daVinci is installed, either in the current unit (the executing PC) or in other connected units (like mobile units through ActiveSync or Windows servers through the Internet).

It is possible for different owners to let all their units communicate with each other by using the same password at installation time.

All possible combinations of different owners and different communication areas (by means of different passwords) are allowed, as illustrated by the example below:

Produced by Carso | Last update: 2010-04-11