Data Security
Overview
Embedded Data
Embedded data is data is uploaded into a workspace or blog and is embedded directly in the blog. While the workspace/blog is being
held in computer memory, it is secure. Once the user saves the workspace/blog, the data is only as secure as the location where the
user saved the workspace/blog.
Any workspaces/blogs saved to the davinci server are first encrypted and then saved to our secure database.
workspaces/blogs saved to the local hard drive or to a third party server, the security is then managed by the
administrator of the local machine or the third party server.
Linked Data
Linked data is data that is loaded into a workspace or blog by connecting to a URL and downloading the data from the URL.
The data is not embedded, and will not be saved with the workspace or blog. This means that the data will be re-loaded whenever
the workspace/blog is reloaded.
Security is managed on linked data by a series of authentication tokens. Users set up their authentication tokens in the
profile app.
These tokens are used to sent to any server that the user downloads data from (according to how the tokens are configured).
The tokens server to identify the user to the server that they are connecting to.
In this way, any workspace or blog that contains linked data will attempt to download that data based on the users
authentication settings. If the user is not configured to connect to the server in question, the data will not be
sent.
Additional Data Security Options
The davinci architecture makes it easy to implement additional layers of security on your data.
- Constrained by IP
- data can be refused to be served based on the IP address of the user requesting the data. Additionally, the
data can pruned or other transformed based on the IP.
- User Constrained Data
- enables a data server to stream only the data that the given user is authorized to view. That is, data servers
can be configured to removed data from the results of a data request based on the user requesting the data
