Software robots are becoming more and more common across industries and the enterprise spectrum due to their ability to enhance productivity and streamline backend operations. Because of the increasing demand for automation, Robotic Process Automation has emerged as a technology that allows anyone to configure computer software to emulate the actions of a human and replace repetitive and time-consuming operations from a company’s business flow. With the ability to capture, analyze, and process vast amounts of data, security becomes a major concern regarding the collected information as well as the robot activity logs. Blockchain seems to hold an answer to these security concerns.
In an effort to provide an answer to these security issues, Modex has partnered with UiPath, the leading enterprise Robotic Process Automation (RPA) software company, to enhance the traceability of operations involving software robots and improve governance by enabling immutability for activity logs.
Through this global technological collaboration, Modex Blockchain Database (BCDB) has been integrated with UiPath Orchestrator through a series of connectors to enhance the traceability and the auditability of the data manipulated by software robots through the immutability provided by the Blockchain Database solution. Modex BCDB improves the security of the data collected and manipulated by software robots. Once data passes through the Modex BCDB solution, UiPath Orchestrator beneficiaries can rest assured that their information can never be tampered with.
Besides immutability, the integration of Modex BCDB with the UiPath Orchestrator will streamline log access security by introducing permission-based policies and advanced encryption. Using blockchain technology, Modex Blockchain Database provides the right alternative for data security and data protection against ransomware effects, as well as the right argument for data integrity against any possible litigation. Designed as an UiPath Orchestrator plug and play logs module, Modex BCDB is a custom, efficient, and easy to adopt alternative for immutable and secure RPA activity tracking that seamlessly aligns with the needs of companies that implement the UiPath Orchestrator to set a foundation for customer success.
Modex BCDB – UiPath Orchestrator integration
Robotic Process Automation is a productivity tool that applies a technological stack governed by business logic and structured inputs to configure computer software commonly referred to as software robots or bots that emulate and integrate the actions of a human interacting within digital systems to automatically execute business processes. At its core, the concept is very similar to traditional manufacturing automation that focuses on taking a segment of the workflow or a specific task and automating it through a specialized robot. Transposing this concept to the digital medium, we obtain RPA tools that focus on developing software robots tasked with manipulating data across platforms and applications.
UiPath Orchestrator is a server-based application that acts as a robot management dashboard through which clients can deploy, secure, and manage their robots at scale. It runs on a server and connects to all the software robots within the network, whether the robot is attended, unattended, or free. It comes with a browser-based interface that enables the orchestration and management of hundreds of robots with the push of a button. Overall the UiPath Orchestrator enables clients to manage the creation, monitoring, and deployment of resources in their environment, similar to an integration point with third-party applications.
Modex BCDB has been integrated into the UiPath Orchestrator through a series of connectors to streamline security and enhance the auditability of the data manipulated by software robots through the immutability provided by the Blockchain Database solution. As a middleware software that is agnostic from a database engine and blockchain perspective, Modex BCDB inserts itself as an additional layer over the database in which companies store logs. This way clients that implement UiPath Orchestrator can quickly configure the Modex BCDB solution to tap into the benefits of blockchain-enabled immutability, creating a tamper-resistant ecosystem for their logs that offers on-demand data encryption at the field level, permanent storage on the blockchain for sensitive data as well as data reconstruction functions.
Modex BCDB integration steps
The Modex team has been hard at work towards implementing a seamless integration with the UiPath Orchestrator.
The first step was to integrate with the UiPath Orchestrator by positioning between the database system the clients store their logs in and the Orchestrator. Clients are now able through minimal configurations to add the BCDB layer over their database engine to unlock the benefits of blockchain immutability. Doing so clients are required to pass their data through the Modex BCDB API to store it in their database engine as well as in the blockchain. Due to this design choice, Modex BCDB can be perceived as a gatekeeper for the data introduced in the system, meaning that once data has been successfully introduced in the system through the Modex API it cannot be tampered or hijacked by a malicious third party, or targeted by ransomware attacks. Users need to keep in mind that configuring the system to work with the BCDB solutions means that data can only be introduced or modified through the Modex API. Any attempt to make changes directly through the database engine will trigger a data reconstruction procedure when an integrity check is performed. Furthermore, Modex BCDB was designed to track and store every modification made as well as the time and the user who made the changes. This is a feature that was implemented in the system to streamline audit and increase accountability.
The second step was to add Elasticsearch to the increasing roster of database engines supported by Modex BCDB. We have decided to fully integrate with Elasticsearch because it is a database engine that comes with a full suite of tools for logs that facilitate complex analytics and statistics.
Last but not least, the team focused on improving the performance of Tendermint, the default blockchain component that comes with the Modex BCDB solution.
Data integrity and Immutability are integral features for ensuring customer success
Data integrity is directly related to the readability and trustworthiness of database records. In systems that rely on multiple software robots that constantly manipulate and exchange data with each other, ensuring data integrity entails constant maintenance and frequent backups to guarantee the accuracy and consistency of data during its life-cycle.
Blockchain provides a viable alternative to this model. By combining cryptography with hashing algorithms, blockchain ensures log immutability, a feature that brings unprecedented levels of trust to the data owned by enterprises. In turn, immutability provides data integrity which drastically simplifies audit processes, while providing proof to stakeholders that the information has not been altered.
In an RPA context, log immutability significantly reduces overhead, streamlines operations and unlocks new value:
- Log integrity is assured by blockchain’s architecture and data storing mechanism. Once data has been introduced in a blockchain network, it cannot be altered without compromising the entire data chain. Any data discrepancies are automatically detected by the system, which allows companies to pinpoint in real-time any tampering attempts.
- Streamlined auditing – as an append-only structure, blockchain provides an indisputable record history of all the data that has been introduced in the system.
- Enhanced efficiency – log immutability enables information traceability and record history which can unlock new business momentum and new opportunities in analytics
- Ideal settlement ecosystem – data traceability, immutability, integrity, and a complete record history can reduce costly business-related disputes from months and even years, to a couple of days
Modex BCDB helps lay a technological foundation for ensuring customer success
Tamper resistant data ecosystem
Due to the sum of its beneficial characteristics, and its unique design choice, blockchain emerges as an anti-tamper technology, capable of demonstrating through complex algorithms that the data stored has not been modified by a malicious actor. Blockchain achieves tamper resistance due to its data storing mechanisms and extensive use of cryptography and hashing functions. Hashing is a process through which data input is passed through a hashing function to obtain a hash digest, also referred to as checksum, a string of characters that acts as a unique identifier. In the world of data security, hashing brings a number of major benefits.
Firstly, each input gives a unique hash digest. Even if only one byte is different between two seemingly identical files, the resulting outputs will be completely different. For example, if we take the input “Data” and pass it through the SHA – 256 hashing function (the most popular hashing function in the blockchain world) we will receive the following hash digest, an alphanumeric string of 64 characters: cec3a9b89b2e391393d0f68e4bc12a9fa6cf358b3cdf79496dc442d52b8dd528. If we take the same hash function and pass the input “data”, the hash digest will be drastically different: 3a6eb0790f39ac87c94f3856b2dd2c5d110e6811602261a9a923d3bb23adc8b7.
Secondly, it’s impossible to reverse engineer a hash digest, which means that you can’t determine the original input from the hash digest.
Blockchain is considered to be an anti-tamper technology due to its clever use of hashing. When new data is added to a blockchain, it first gets verified by the system, timestamped and embedded into a data container referred to as a block of transactions, which is cryptographically secured through a hashing function that incorporates the hash of the previous block in the new block to seal them together. This process is repeated for every new data insert to produce an interdependent chain of blocks, where the smallest change in a block will render all of the following blocks obsolete, as their hashes will no longer match.
In an environment of ever-expanding security threats, businesses and enterprises have witnessed an exponential increase in the volume and reliance on sensitive data. Giving this context, data-centered security tools and measures have become a primordial interest for companies seeking to safeguard their data as it transits over different networks, servers, and applications. In a race to provide a haven for company data, trade secrets, as well as customer and employee sensitive data, native database auditing tools, and database activity monitoring mechanisms have become a standard in the enterprise sector.
As the name implies, native database auditing tools are already integrated by default in database systems but have proven to be substandard in ensuring the protection of large scale databases, as they degrade performance and fall short in meeting compliance and security requirements.
Database activity monitoring encompasses the mechanisms and policies that are used to observe, detect and alert in real-time, any fraudulent attempts on manipulating the data in a system, or other undesirable internal or external activities while determining the efficiency of security tools and data policies.
There are a plethora of database activity monitoring tools on the market, but in general, all of them perform the same functions and are usually graded based on their ability to:
- independently monitor and audit all database activity without hindering the overall performance of the system
- secure and store database activity logs in a separate environment, outside the monitored database
- collect and compare database activities from multiple database management systems
- monitor and audit the activity of software robots to prevent manipulation of data records or logs
By integrating itself between the UiPath Orchestrator and the client’s database system, Modex BCDB can enhance activity monitoring procedures by providing in-depth tracking of software robots and database admin activities, record versioning and complex access control mechanisms. Since blockchain records and timestamps any modification made on the data, it provides a highly transparent environment not only for software robot logs but also for the user and database administrator activity logs. This feature significantly enhances audit procedures as it offers network beneficiaries a bird’s eye view over system activity.
Facilitating data traceability and record history
In a traditional database system, users can perform the standard CRUD operations (create, read, update, delete), four basic functions of persistent storage that constitute the backbone for interacting with any database. Both relational and non-relational database systems are designed to rely on the CRUD operations to enable basic interactivity. The problem with this approach is that database administrators or users with sufficient clearance can access and modify data entries. This is also valid for malicious actors who manage to exploit a security vulnerability and gain access to the database which can lead to numerous problems such as data breaches, corruption and even complete loss of data.
Modex BCDB enables companies to strengthen log security and enhance audit and reporting operations by facilitating information traceability and record history. Blockchain differs from traditional databases because it is an append-only structure, which means that delete and update operations cannot be performed on existing data.
As such, clients can configure the Modex BCDB system to store all the previous versions of the information in a separate table to simply reporting and audit operations. By default, the database will display the latest version of the information, but by accessing the record history, users can interact with older versions of the data and perform various operations including integrity checks and data analysis.
Due to blockchain’s design, data traceability is available without configuring record history. This is because each data insert in a database has its hash stored in the blockchain network. Even a small modification to an input can drastically change the hash of the information. By comparing the two hashes, an admin can easily determine that the information has been tampered with. But because it is impossible to determine the initial input from the hash digest, they will not know exactly how the information was modified in the database.
The most common method to ensure data protection is through encryption, a process through which information is transformed into ciphertext, an unintelligible block of text that can be decrypted only with the correct encryption key. For decades, data encryption has become an important line of defense in the flow of cybersecurity architecture because even if data is intercepted by malicious actors, a complex encryption algorithm can block attackers from deciphering the content of the information.
Although an invaluable tool, the way in which encryption is applied to protect information usually determines the levels of data tamper resistance. The problem is that encryption is mostly used to protect data at rest or in transit, leaving it potentially vulnerable during processing. As encryption mechanisms have evolved, the range of attacks on data has also expanded, ranging from attacks focused on encryption keys, integrity or corruption attacks, ransomware, and data destruction attacks.
Modex BCDB enables companies to tap into the potential of blockchain technology to store their database entries into a secure tamper-proof blockchain ecosystem. The infrastructure of the BCDB system was designed with security in mind. As such, to supplement the security capabilities of a standard blockchain network, Modex BCDB comes with a default data encryption mechanism that removes the need for programmers to write new code to encrypt the data. To enhance user experience and add a layer of flexibility to the BCDB environment, users have the option to enable automatic encryption at the field level. As such, any new data inserts are automatically stored in an encrypted format.