User data encryption promotion

Promotion Steps:

 

  • Data migration steps (migration script and config in attachment):-

    • Provide DB details in following environment variables

      • DB_PASSWORD

      • DB_HOST

      • DB_PORT

      • DB_USERNAME

      • DB_NAME'

    • Backup old tables

      • create table eg_user_backup_plaintext as (select * from eg_user);

      • create table eg_user_address_backup_plaintext as (select * from eg_user_address);

    • Delete foreign key referenced on ‘eg_user’ from ‘eg_userrole_v1’ temporarily until the data is transformed

      • ALTER TABLE eg_userrole_v1 DROP CONSTRAINT fk_user_role_v1;

    • Deploy user service build with encryption to run flyway migration (egov-user:11-user_changes_MT-800f319)

    • Clean tables of all plain text data

      • delete from eg_user_address;

      • delete from eg_user;

    • run migration

      • Script python package dependencies

        • import psycopg2

        • import sys

        • import json

        • import requests

        • import configparser

        • import logging

        • import os

      • Commands to run for migration

        • python3 user_migration.py config_user_encryption.txt

        • python3 user_migration.py config_address_encryption.txt

    • Restore earlier deleted foreign key constraint

      • ALTER TABLE eg_userrole_v1 ADD CONSTRAINT fk_user_role_v1 FOREIGN KEY (user_id, user_tenantid) REFERENCES eg_user(id, tenantid) MATCH SIMPLE ON UPDATE NO ACTION ON DELETE NO ACTION;

  • Service Builds:-

    • User service:-  egov-user:11-user_changes_MT-800f319

      • Set environment variable “DECRYPTION_ABAC_ENABLED” to false

    • User service copy for chatbot:- egov-user-chatbot:4-user_changes_MT-621fe60

Note: Promote only if whatsapp chatbot is already running in the system, it uses another copy of user service named “egov-user-chatbot“. Not needed if whatsapp- chatbot is not in the system.

  • Report service:- report:22-report-encryption-changes-e92c8ae

  • enc-service:- egov-enc-service:4-master-f47bff2

 

 

 



Impact analysis:

The following columns in following tables are encrypted as part of user data  encryption

eg_user

eg_user_address

eg_user

eg_user_address

username

mobilenumber

altcontactnumber

emailid

name

pan

aadhaarnumber

guardian

address

 

  • User service api response: The apis of user service after user data encryption are unchanged (given accessed using suitable roles), services using user service apis will not be affected. Please note if any user who does not have any role defined in “DecryptionABAC” (egov-mdms-data/data/pb/DataSecurity/DecryptionABAC.json at master · egovernments/egov-mdms-data ) master’s “ALL_ACCESS” section, he will receive encrypted data on calling user service apis. To get decrypted data the user should have at least one role defined in  “ALL_ACCESS” section. If he contains a matching role the user service response will be as earlier. For providing full decryption to any role on accessing user service apis add role entry with all fields names to be decrypted.



  • Searcher: -  Since the data in the user tables is encrypted, no service should directly pick data from DB. Services using searcher should pick user data from user service separately which will provide decrypted data or searcher should be enhanced to enrich user data by calling user service

 

{

      "key": "TradeLicenseRegistryReport",

      "roleAttributeAccessList": [

        {

          "roleCode": "EMPLOYEE",

          "attributeAccessList": [

            {

              "attribute": {

                "jsonPath": "*/name"

              },

              "accessType": "PLAIN"

            },

            {

              "attribute": {

                "jsonPath": "*/mobilenumber",

                "maskingTechnique": "mobile"

              },

              "accessType": "PLAIN"

            }

          ]

        }

      ]

    }