
End-to-end encryption

The diagram shows how messages are protected end to end between the sending system, ONEiO and the receiving system. The steps are as follows:

  1. The sending system (Customer A in the diagram) sends a message using HTTP over TLS (HTTPS). The client can ensure that it is sending to ONEiO by trusting the certificate of the CA that signed ONEiO's certificate. HTTPS communication ensures that messages cannot be read or forged by any third party.

  2. ONEiO encrypts the message it has received and stores it in its database. ONEiO servers hold an encryption key used for the AES-256 encryption. This key is generated by ONEiO and known only to ONEiO, so even if someone gained access to the database, they could not read the message payloads. The database also stores the data and backups using AES-256 encryption.

  3. ONEiO decrypts the message from the database when it transforms and translates it from the source format to the target format. The message exists in plaintext form only in server memory. The resulting target message is encrypted and stored in the database.

  4. ONEiO decrypts the target message before sending it using HTTP over TLS to the target system (Customer B in the diagram), so that the target system can read it. HTTPS communication ensures that messages cannot be read or forged by any third party.
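
The guarantee in step 1 holds only if the sending client really validates the server's certificate chain and hostname. The following is an added example, not ONEiO code: a Python check that a client's `ssl.SSLContext` enforces this. The function names, the finding codes and the TLS 1.2 floor are assumptions of this example.

```python
import ssl

def hardened_context(cafile=None):
    """Client context that validates the server certificate (hypothetical helper)."""
    # create_default_context() enables CERT_REQUIRED and hostname checking.
    ctx = ssl.create_default_context(cafile=cafile)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2  # assumed floor, not from the page
    return ctx

def weak_context():
    """The misconfiguration to look for: certificate validation switched off."""
    ctx = ssl.create_default_context()
    ctx.check_hostname = False       # has to be cleared before CERT_NONE is accepted
    ctx.verify_mode = ssl.CERT_NONE  # any certificate from any issuer is accepted
    return ctx

def audit_client_context(ctx):
    """Return finding codes; an empty list means the step 1 assumptions hold."""
    findings = []
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        # Without chain verification the "trusted CA" check never happens.
        findings.append("no-chain-verification")
    if not ctx.check_hostname:
        # A valid certificate issued for some other host would be accepted.
        findings.append("no-hostname-check")
    if ctx.minimum_version < ssl.TLSVersion.TLSv1_2:
        # Also catches MINIMUM_SUPPORTED, which leaves the floor to the library.
        findings.append("tls-below-1.2")
    return findings

if __name__ == "__main__":
    for name, ctx in (("hardened", hardened_context()), ("weak", weak_context())):
        print(name, audit_client_context(ctx) or "ok")
```
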
 

[Diagram: oneio_end-to-end_diagram.png]

A customer's end user can access the message data in plaintext form through the ONEiO UI.
