MFT Security setup

Now-a-days data security is a top priority for most businesses, and for good reason. When using RoboMQ MFT you will have Encryption, Data integrity, and Non-Repudiation taken care of at the core of the product. Lets take a look at how these functions work.

Figure 1: Secured & encrypted managed file transfer

Encryption:

  1. RoboMQ and user exchange public keys with one another.
  2. The user will encrypt data using RoboMQ’s public key and provide the encrypted file.
  3. RoboMQ will decrypt the data using its private key in the Transfer-In micro service. The data is further processed in the memory.
  4. During the flow, the file is processed and stored at SFTP internally. During the processing RoboMQ will generate a session key which is distributed across the flow. The microservices in the flow will use this session key (or the secret key) to decrypt process data and again encrypt until it reaches Transfer-Out micro service.
  5. In the Transfer-Out micro service, RoboMQ will encrypt the file using the receiver’s public key, and it will only be decrypted by the receivers (or user’s) private key.

Figure 2: Detailed file transfer workflow using microservices

For Data Integrity and Non-Repudiation, the user will create a message-digest from the message, or the plain text of the file. The message is put through a hash function to generate a message-digest. The Message-digest is a fixed length data. The user will now encrypt this message-digest using his private key. Then, the user will encrypt the plain text file using RoboMQ’s public key. Next, the user will send both encrypted file, and encrypted message-digest, to RoboMQ. Now, RoboMQ will decrypt the encrypted message-digest using User’s public key. This will ensure non-repudiation (i.e., user has sent the data). RoboMQ will also decrypt the encrypted file using its private key. Lastly, RoboMQ will calculate the message-digest. RoboMQ will verify that the generated message-digest, and the received message-digest, are the same. If both are same then data integrity is achieved.

Figure 3: Data integrity & non-repudiation

This is a secure and reliable managed file transfer that takes care of data encryption, decryption, integrity, and non repudiation. It utilizes a hash algorithm and a message digest to help ensure the arrival of accurate data. For more information please visit our website at robomq.io or if youd like to get in touch for an integrated solution, send us a note at info@robomq.io.