Is non-SSL communication from RiskFort to UBP a security risk

Document ID : KB000101632
Last Modified Date : 15/06/2018
Show Technical Document Details
Introduction:
At version 9.0, Riskfort communication with User Behavior Profiling (UBP Modeling) does not support SSL. Customers have inquired if this is a security concern.
Question:
Is non-ssl communication from Riskfort to UBP application a security exposure ? 
 
Environment:
Riskfort Servers and Servers running UBP application
 
Answer:
There is no exposure as the request contains information like Orgname, Device information etc. that cannot be exploited. 

Below is a sample request from risk server to UBP: 

Wed May 23 18:59:00.558 2018 LOW: pid 3016 tid 236: 8: 1:10004: GDPRule::sendAndReceiveHTTPData : Writing [<?xml version="1.0" encoding="UTF-8"?><EvalCallout xmlns="http://www.arcot.com/EvalCalloutRequest" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.arcot.com/EvalCalloutRequest ArcotRiskInput_V2.xsd "><DocVersion>1.0</DocVersion><TransactionID>1:10004</TransactionID><UserContext><UserId>VVRR1</UserId><Group>DEFAULTORG</Group><Action>Login</Action></UserContext><DeviceContext><HTTPDeviceId>9IcUtBjejj87fIOQuv63ZeQJ61oQAj8I4ybZ5MznwDewfaiw9l+3tm0y0VAyd91i</HTTPDeviceId><FLASHDeviceId></FLASHDeviceId><AggregatorId></AggregatorId><DeviceSignature><![CDATA[{"DEVICESIG":{"collector": "Browser", "collectorVersion":"2","EXTERNALIP":{ "externalip":"10.134.112.127"},"EXTRA":{ "NetscapePlugins":{}},"HTTP_HEADER":{ "user-agent":"Mozilla\/5.0 (Windows NT 6.1; Win64; x64; rv:60.0) Gecko\/20100101 Firefox\/60.0"},"MESC":{ "MESC":"94431"},"OPTIONAL":{ "flash_ver":"29.0.0.171"},"OS_BROWSER":{ "build_id":"20180516032328","cookie_enabled":"1","vendor":"","vendor_sub_id":"","os":"Windows","os_ver":"13.0.0","browser_ver":"60.0","browser":"Firefox"},"SCREEN":{ "availHeight":"1160","availWidth":"1920","colorDepth":"24","height":"1200","width":"1920","pixelDepth":"24"},"SYSTEM":{ "oscpu":"Windows NT 6.1; Win64; x64","platform":"Win64"},"USER_PREF":{ "timezone":"-330","sys_lang":"en-US"}}}]]></DeviceSignature><BrowserType>Firefox</BrowserType><OSType>Windows</OSType><DeviceType>PC</DeviceType></DeviceContext><Channel></Channel><LocationContext><ClientIP>10.134.112.127</ClientIP><Latitude></Latitude><Longitude></Longitude><Continent></Continent><Country></Country><CountryISO2></CountryISO2><Region></Region><State></State><City></City><ConnectionType></ConnectionType><LineSpeed></LineSpeed><RoutingType></RoutingType><AnonymizerStatus></AnonymizerStatus></LocationContext><ExtensibleElements></ExtensibleElements><RuleSetResult><RuleResult result="0" ruleName="UnknownDeviceId"/><RuleResult result="" ruleName="ExceptionUser"/><RuleResult result="" ruleName="NegativeIP"/><RuleResult result="" ruleName="NegativeCountry"/><RuleResult result="" ruleName="TrustedAggregatorIP"/><RuleResult result="0" ruleName="UnknownUser"/><RuleResult result="" ruleName="UserVelocity"/><RuleResult result="" ruleName="DeviceVelocity"/><RuleResult result="" ruleName="ZoneHopping"/></RuleSetResult></EvalCallout>] to GDP running at [http://localhost:8080/ca-userprofiling-2.0-application/UBPServlet] 


It mostly contains user information such as username, org, location information, device information etc., 



Riskfort Servers and Servers running UBP application
Additional Information:
None.