Encrypted Field RRTs

AutoStore allows users to define encrypted fields that secure information as it is processed by a workflow.

AutoStore supports encrypted fields with protected RRTs and restricted RRTs.

Protected RRT
A protected RRT encrypts its replacement value through all components in a process and shows as encrypted in Status Monitor. A protected field value remains encrypted when the Knowledge Package builder component stores or reads information in XML format.
Restricted RRT
A restricted RRT has the same characteristics as a protected RRT with the addition that it can only be used in fields that are explicitly marked in a configuration to use restricted RRTs. These are typically password fields.

Using protected RRTs

There are two ways to encrypt a field for use as a protected RRT. The first method is for use in a configuration. The second method is for device or application programmers who are using the AutoStore SDK.

Prepend the field name with an $
You can create a protected field by using the dollar sign ($) as the first character of a field name. An FRTN that starts with the $ defines a protected RRT.
For example, a field named $invoice defines an encrypted field. The $ as the first character in the FRTN, as in ACC::%$invoice%, defines the corresponding protected RRT. The $ at the beginning of the file name signals AutoStore to encrypt values that it saves to the field and decrypt values when it evaluates an RRT string.
Use the IKnowledgeContentExt1.ReplaceEncrypted method
You can use the AutoStore SDK to define a protected field with the ReplaceEncrypted method, which is supported by the interface of the KnowledgeContent object. This creates a protected RRT field regardless of its name. Protected field names created using the ReplaceEncrypted method follow standard field naming rules and are not prefixed with the $. For more information, refer to the SDK documentation for AutoStore 7.0. Components that implement this method may provide an Encryption option to allow a user to choose None, Protected,or Restricted

Using restricted RRTs

There are two ways to encrypt a field for use as a restricted RRT. The first method is for use in a configuration. The second method is for device or application programmers who are using the AutoStore SDK.

Prepend the field name with a @
You can create a protected field by using the at sign (@) as the first character of a field name. An FRTN that starts with the @ defines a restricted RRT.
For example, a field named @invoice defines an encrypted field. The @ as the first character in the FRTN, as in ACC::%@invoice%, defines the corresponding restricted RRT. The @ at the beginning of the file name signals AutoStore to encrypt values that it saves to the field and decrypt values when it evaluates an RRT string.
Use the IKnowledgeContentExt1.ReplaceProtected method
You can use the AutoStore SDK to define a restricted field with the ReplaceProtected method, which is supported by the IKnowledgeContentExt1 interface of the KnowledgeContent object. This creates a restricted RRT field regardless of its name. Restricted field names created using the ReplaceEncrypted method follow standard field naming rules and are not prefixed with the @. For more information, refer to the SDK documentation for AutoStore 7.0. Components that implement this method may provide an Encryption option to allow a user to choose None, Protected,or Restricted.