Active security & Privacy design
User is responsible for
his own account and devices
The user is the sole administrator of his own account and devices. Modification or update are subject to:
- be in a safe place
- to multifactor authentication
- to notification sent to
- other devices (if any), notification and display in the warning tile of the the news view
- the main email (if you are not the author of this modification please click on…a link)
His own account
- identity
- emails: a user can have many email addresses.
- an email addresse is generally bound to one or many segment of his life : for instance the professional email is bound with the professional life.
- one email is declared as main, and is the one that will be used for notification of change
- when you create an event in a segment, the event will bear the first email address of this segment
- create a professional event is subject to the authorization of the company administrator
- avatar and image are defined per segment of life
His devices
The user has at least one device.
the user can register as many devices he wants with a limit of 5 active devices
Chacal in each device may be protected (or not) with a password specific to each device
The user can manage his own devices.
Active security
During the event
The participant in an event plays an active role to protect his privacy in managing his event
- Events are “containerized per life”, thus segregating profesional life, private life, family life, social life…
- Device participation to an event
- “preying eye” protection
- Filter and hide event per “life”
- Protect the event with a password
- Event password validity
As responsible of the event, the owner plays an active security role. He can control the
- Behavior of the participant
- that the participating devices are really under participants control
- information, document, contributions and comments
- Event confidentiality
- Classified
- Secret
After the event
Legal department, security officer, audit control the record management of information
Integrity
Loss of information
The integrity of information is guaranteed
Active events
- Nobody can delete any information
- In case of error, event can be deleted but only before to become active (life cycle). Depending on the FilePlan it may be marked as canceled in the record management
- “Man in the Middle” protection: with cipher algorithm, device location control
- Security officer can examine the settling tank for cybercriminal attempts
- Contribution and capture are securely stored in the event container and synchronized at once
Past events
- Archived events are in a read only or browse mode
- Nobody can delete an event. Deletion is only authorized after the retention period, with a process involving legal and operational department responsibles
- All attempts to access information are traced
- An event belonging to a chain of events cannot be deleted alone
- A chain of events (projects and business process) can be deleted only if all its chained events can be deleted
Leak of information
Active events
- Citrus container: ChatCal app is a container. All installed apps in the device cannot access to ChatCal components
- Segregated life: events belong to your professional life, personal life and are segregated in segments as in citrus, they cannot interract; each segment can be protected with a different encryption
- Device management
- Devices participating in an event
- Time out of ChatCal
- Suspend remotly device that are left unattended
- Lost device
- Localization of the devices: ChatCal controls the localization of the mobile devices (GPS) and take proper predefined actions on events and corporate documents. As well ChatCal can force the GPS to start. To protect personal privacy, the GPS information is not accessible to anyone, just kept for the needed process time and securely erased
- Hide events
- Family and social events are hidden at work and profesional events are hidden out of working time
- ChatCal hides events upon the localization of the mobile
- Mobile rights: Information behavior according to the location of the mobile device: hide, dispear or secure delete
- No export of event or single information out of ChatCal. Only for authorized person and traced in Blue Digital Safe
- Corporate document mobile rights
- Event privacy set to “classified” or “secret”
Past events
- Securely deleted in devices: at archiving time the event is securely deleted in all the participating devices of all participants
- No Export: Archived events (or part of it) cannot be exported out of the Blue Digital Safe
- Operations: BlueChatCal collaborators (Operation, Assistance…) can only manage the event containers but can’t open them
Internet transport
Synchronization
During the synchronization and the needed transfer over the Internet, integrity and leak are protected with various means::
- Internet protocol is encrypted using HTTPS 64 bits
- Incremental only the modified information is synchronized and not the entire event. Only increments makes more difficult to a spy to understand the entire event information after decryption.
- Fragmented message permit to split a message into many chunks, The chunks are not synchronized in a sequential order, thus if a message is captured and decrypted, it makes more difficult to a swindler to understand the flow of information after decryption.
- Cypher is part of the flow of information and automatically generated. Non or badly cyphered information are ignored. A man in the middle will change the cypher even if he is just reading.
- Delay to synchronize is controlled, after a certain delay synchronization becomes suspicious and is subject to owner’s special action as conflict resolution
- Settling tank is used to filter the suspicious chunk of synchronisation that are not signed correctly or coming form suspicious zone. The Settling tank is the perfect place to fight cyber criminality, track attempt and catch red handed
- Time control: BlueChatCal ensures the chronology of information in stamping every modification with UTC time (Coordinated Universal Time). For easier view of information, ChatCal convert the UTC to the local time of your device.
Conflict resolution
It might happen that two of your devices modify the same information and synchronize laterly because of lack of connection. You will be warned in the warning tile of the the news view. All information will be presnted to you in order you can resolve the conflicting information: choose the accurate one or merge the conflicting information in a new one.