Is SSL communication to UBP server supported?

Document ID : KB000098029
Last Modified Date : 24/05/2018
Show Technical Document Details
Introduction:
For User Behavior Profiling model to be created, the CA Risk Authentication Server sends data to CA UBP application over TCP. Since there is no SSL support at version 9.0, customer's have raised queries as to what is the data that is send to UBP ?  and Is there is a security exposure if this data is intercepted ?
Question:
Is SSL communication to UBP server supported?  Is there an exposure if non-SSL ? 
Environment:
All
Answer:
No private data (as shown below) that can be comprised is communicated between these CA Risk Authentication Server and UBP.  

Below is a sample request from risk server to UBP: 

Wed May 23 18:59:00.558 2018 LOW: pid 3016 tid 236: 8: 1:10004: GDPRule::sendAndReceiveHTTPData : Writing [<?xml version="1.0" encoding="UTF-8"?><EvalCallout xmlns="http://www.arcot.com/EvalCalloutRequest" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.arcot.com/EvalCalloutRequest ArcotRiskInput_V2.xsd "><DocVersion>1.0</DocVersion><TransactionID>1:10004</TransactionID><UserContext><UserId>VVRR1</UserId><Group>DEFAULTORG</Group><Action>Login</Action></UserContext><DeviceContext><HTTPDeviceId>9IcUtBjejj87fIOQuv63ZeQJ61oQAj8I4ybZ5MznwDewfaiw9l+3tm0y0VAyd91i</HTTPDeviceId><FLASHDeviceId></FLASHDeviceId><AggregatorId></AggregatorId><DeviceSignature><![CDATA[{"DEVICESIG":{"collector": "Browser", "collectorVersion":"2","EXTERNALIP":{ "externalip":"10.134.112.127"},"EXTRA":{ "NetscapePlugins":{}},"HTTP_HEADER":{ "user-agent":"Mozilla\/5.0 (Windows NT 6.1; Win64; x64; rv:60.0) Gecko\/20100101 Firefox\/60.0"},"MESC":{ "MESC":"94431"},"OPTIONAL":{ "flash_ver":"29.0.0.171"},"OS_BROWSER":{ "build_id":"20180516032328","cookie_enabled":"1","vendor":"","vendor_sub_id":"","os":"Windows","os_ver":"13.0.0","browser_ver":"60.0","browser":"Firefox"},"SCREEN":{ "availHeight":"1160","availWidth":"1920","colorDepth":"24","height":"1200","width":"1920","pixelDepth":"24"},"SYSTEM":{ "oscpu":"Windows NT 6.1; Win64; x64","platform":"Win64"},"USER_PREF":{ "timezone":"-330","sys_lang":"en-US"}}}]]></DeviceSignature><BrowserType>Firefox</BrowserType><OSType>Windows</OSType><DeviceType>PC</DeviceType></DeviceContext><Channel></Channel><LocationContext><ClientIP>10.134.112.127</ClientIP><Latitude></Latitude><Longitude></Longitude><Continent></Continent><Country></Country><CountryISO2></CountryISO2><Region></Region><State></State><City></City><ConnectionType></ConnectionType><LineSpeed></LineSpeed><RoutingType></RoutingType><AnonymizerStatus></AnonymizerStatus></LocationContext><ExtensibleElements></ExtensibleElements><RuleSetResult><RuleResult result="0" ruleName="UnknownDeviceId"/><RuleResult result="" ruleName="ExceptionUser"/><RuleResult result="" ruleName="NegativeIP"/><RuleResult result="" ruleName="NegativeCountry"/><RuleResult result="" ruleName="TrustedAggregatorIP"/><RuleResult result="0" ruleName="UnknownUser"/><RuleResult result="" ruleName="UserVelocity"/><RuleResult result="" ruleName="DeviceVelocity"/><RuleResult result="" ruleName="ZoneHopping"/></RuleSetResult></EvalCallout>] to GDP running at [http://localhost:8080/ca-userprofiling-2.0-application/UBPServlet] 
 
Additional Information:
At the time of this article, there  is no known road map for support of SSL between CA Risk Authentication and UBP application