Data Protector Utility
Configure UXP Technology into any Machine-to-Machine Data Flow
The Data Protector is an independent, standalone process for protecting and accessing data in machine-to-machine business data flows. This utility performs automated tasks within the existing data flow, customized to the security needs of the data as defined by the owner. It does not require integration with existing software applications or data process flows.
The Data Protector facilitates the automatic creation and accessing of protected UXP Objects.
The Data Protector functions in most environments.
Function
Using the Data Protector, data owners can define and assign automated UXP Tasks suited for their specific data flow. The Data Protector operates on the surface as a Task Manager and collaborates with a process running in the background, the Sertainty Agent. The Agent schedules and monitors the Data Protector Task activity for execution as well as other technical functions for this utility.
Data Protector Task Configuration Components
The core pre-built tasks are:
- Auto-Unprotect
- Auto-Protect
Two task types exist:
- Change-Task
- Time-Task (scheduled)
Included in a single task are:
- A machine UXP Identity
- An executable script
- Folder locations
- Other required script parameters for task execution
Machine UXP Identity: Prior to configuring a Task, a UXP Identity must be generated from the destination node.
The machine UXP Identity generated is based on the destination node’s unique machine User Definition.
The Definition includes:
- Challenge Pairs, automatically generated
- Machine’s unique digital fingerprint
Specific to UXP Technology, a machine User Definition includes the unique digital fingerprint for the designated machine where the dataset is permitted access.
Creating a machine profile involves a distinctive UXP Technology process that occurs when the machine UXP Identity is generated. The process begins physically on the machine, where the Technology generates a unique digital fingerprint for that specific device.
The resulting unique digital fingerprint locks the machine profile to that single machine. These attributes are never revealed as they are collected, nor are they visible when housed in the UXP Identity or when utilized during Object generation. This machine profile, with its unique digital fingerprint, is now defined as the user that is permitted dataset access.
On the Data Protector Resources page in the video series, Videos 6 and 7 discuss and demonstrate generating a machine Identity. The generation process is automated using a wizard.
- Executable: Executables used in Task configuration are predefined proprietary *.uxl script templates or custom programs provided in the Data Protector.
- Folder Location: These folders reference folders that already exist in the workflow.
- Other: Other includes parameters noted in the Features section.
Sertainty Agent
The Sertainty Agent is a background process that handles several critical functions on behalf of the Data Protector.
Tasks
Data Protector Tasks are the technical instructions configured for automated processes. A group of Tasks for a specific workflow is referred to as a configuration in the Data Protector.
Task examples include, but are not limited to, the following:
Auto-Unprotect
The Auto-Unprotect is a process for automatically determining trust for data access and extraction from a UXP Object. This process is configured to execute on a destination node. The destination node is the designated location where UXP Objects are received and the Auto-Unprotect Task executes.
Prior to configuring the Auto-Unprotect Task, the machine UXP Identity along with the associated Auto-Unprotect script must be already generated for the destination node.
When the Unprotect Task executes on the destination node, a validation process begins. The Identity credentials embedded in the Auto-Unprotect script must match the UXP Object’s Identity credentials. An additional check occurs; the destination node’s digital fingerprint must match the script and the Object. If anything fails to match between the three elements, access to the UXP Object is denied.
Auto-Protect
The Auto-Protect is a process for automatically creating UXP Objects in a workflow. This process is configured to execute on a source node. The source node is the origin for UXP Object creation.
Prior to configuring, a copy of the machine Identity for the destination node is required on the source node.
The Auto-Protect script utilized is a pre-built *.uxl script provided in the Data Protector.
Benefits
- Seamless leverage of Sertainty UXP Core Technology without writing code
- Data-centric
- Access and mitigation policies are defined in the UXP Identity
- Non-invasive integration with existing applications and data transfer processes. No code changes are required.
- Utilizes existing data transport process
- Auditing capabilities
- Notification capabilities
Features
- Data Protector process is defined as either:
  - Change-Task: watches a folder for changes and processes new files
  - Timed-Task: executes the action based on a scheduled interval
- Executable can be created using:
  - UXL Script Engine (*.uxl)
  - Native binary or native script (*.exe, *.bat, *.sh, etc.)
- Configurable:
  - Number of files included in each UXP Object
  - File types
  - Log file generation
Restrictions
- Fully automated workflows are supported only for machine-to-machine workflows.
- Each Data Protector Task runs in its own thread.
- Mobile is not currently supported.