Security Overview

Security has been designed into GenRocket since the beginning of its development. Several measures are taken to ensure your data is safe and only available to registered users within your organization. This article covers the primary components of GenRocket Security.


Video Overview

Please take a moment to view this informational video on GenRocket Security: 



The GenRocket Ecosystem

GenRocket is available through Virtual Private Cloud or Dedicated Private Cloud hosting. 


We refer to both of these hosting models as "hybrid" hosting models because they have a Cloud hosted part and an On Premise hosted part.


While both Virtual Private Cloud and Dedicated Private Cloud hosting are fully secure, our larger customers, with bigger numbers of users, tend to choose Dedicated Private Cloud hosting.



The GenRocket Cloud

Let's start off by breaking down the security aspects of our Cloud.  


It is important to know that we do not store customer data in our cloud  – so no customer data is exposed outside of the corporate firewall.
 

Each time a user logs in they create a secure, encrypted connection from their browser to the GenRocket Cloud.



We require a valid username and password and are able to add an extra layer of security through Single Sign-On (SSO). All passwords are encrypted with a SHA-256 one way hash. 


We also offer a Team Permissions feature to further restrict access to specific features of the application.


Login Access

The following applies for login access to the GenRocket Cloud:  

  • Chrome, Firefox, Safari browsers via HTTPS request
  • Valid username & password must be provided
  • Passwords are SHA-256 encrypted one way hash
  • SSO is available as an extra layer of security


Team Permissions

The Team Permissions feature ensures that users of the application gain access to the appropriate features of the application.


Four different system roles are available when setting up Team Permissions and provide different security access restrictions:

  • Organization level (admin)
  • Project level
  • Domain level
  • Scenario level


Note: For more information, please see this article: GenRocket Team Permissions.


Corporate Data Model

One question often asked about is the corporate data model. Please take a moment to review the image below.



  1. Each GenRocket Project relates an application or database. Customers have different ways to set up each GenRocket Project and the relationships between the entities in that Project, but it is essential to know that we do not store any sensitive production data within the project AND we do not store the relationships in the GenRocket Project the same way as they are stored in your database.

  2. Take a minute to look at the diagram above. On the left you can see a typical database model with multiple inheritance where there is one Child and three Parents. And now look to the right. You can see that the same entity relationships are set up differently inside of GenRocket. In GenRocket, there can only be one Child and one Parent, and the rest of the entities must be set up as Siblings.

  3. So you can see the exact corporate data model is never exposed.


GenRocket Scenarios

Data generation Scenarios are modeled by your users in the GenRocket Cloud and then downloaded to a computer that sits inside your firewall.  

GenRocket Scenarios are instruction sets that contain no data and even though the Scenarios are encrypted before downloading.


Only authenticated and licensed users within a given organization can run an encrypted Scenario. 

Lastly, all data is generated within the security of the corporate firewall so no data is ever exposed outside the firewall. 


In summary...

  • Scenarios contain no data 
  • Scenarios are encrypted
  • Only authenticated and licensed users can run Scenarios
  • Data is only generated securely On Premise behind a firewall


GenRocket Runtime

The GenRocket Runtime is a secure Java program that executes the encrypted GenRocket Scenarios, On Premise, within the security of the corporate firewall. 



As shown above, all test data generation happens within the security of the corporate firewall – On Premise. 

  • The GenRocket Runtime is a secure Java program that runs GenRocket Scenarios.
  • The Runtime is hosted On Premise within the security of the corporate firewall.
  • All data is generated On Premise within the security of the corporate firewall. 
  • All GenRocket Runtime JAR’s* are validated with a checksum.


*Java Archive (JAR) is a package file format typically used to aggregate many Java class files. A Java class file is a file (with the .class filename extension) containing Java bytecode that can be executed on the Java Virtual Machine (JVM).


License Check and Statistics

For the license check, we call a secure URL: https://app.genrocket.com/license/check. 



Over a secure connection, the check passes back the following information to GenRocket:

  • User Access ID
  • Operating System
  • GenRocket Scenario Name


Over a secure connection, GenRocket returns the following:

  • Success: True/False
  • Failure Reason
  • Latest JAR Version Numbers
  • Checksum for each JAR


Summary

In summary…

  • Every aspect of GenRocket was designed with security in mind.
  • GenRocket does not store sensitive customer production data within its system. 
  • All test data is generated securely, On Premise.
  • GenRocket is a synthetic test data system and synthetic test data is fully secure.