Encrypted workflow files

i_completed
orchestrator
studio
r_18_1

#1

Hi,
Do you know how can I have an workflow file encrypted before deployment and have the robot decrypting it in the memory just before executing it?
Thanks,
Doru


#2

Hi,
moved to idea category.


#3

If you stored all of your workflows on a dedicated partition and called your robots from the command line you could decrypt the partition before the robot accessed it using pgpwde or something, but I agree with @ddpadil this would be much cooler implemented on the UiPath side since the XAML is pretty exposed in terms of storing all of the data from dropdown menus etc


#4

Hi. We’re working on this…but still give us a use case. Those workflow file are deployed under robot Windows accounts therefore can’t be modified…except admins.


#5

Mihai, I would like to deploy workflows files (xaml files) onto client computer but have a minimal protection so the client will not open the workflows (e.g. using UiPath CE Studio) to study or modify them.
I can have a exe app that will decrypt the files and then use command line to start the robot but decrypted files can easily be retrieved from temp folder.


#6

out in 2018.1. January.


#7

Hi, i’ve installed the newest version 2018.1.1 and can’t find this feature. I can still see the whole workflow files and edit them as adminstrator. They are only protected by windows access rights, but they aren’t encrypted. Isn’t it implemented or is there a button to activate this feature?


#8

when you deploy via Orchestrator to a robot the FO user won’t be able to access the files.


#9

i’ve seen this, the access are managed by the access rights, so a normal user can not access them, but im asking for a real encryption of the workflow files inside UiPath, so also administrators can’t access these files. just like @tjsauter said:

thought that this will be implemented


#10

If nobody can access the files, not even administrators, how would you solve the problem of troubleshooting a workflow?


#11

It’s not about the access rights. It’s about encryption of the workflow file something like:
The Orchestrator encrypts the workflow file after it gets it published from the Studio and then sends the encrypted workflow file to the robot, this saves it still encrypted on it’s disk. So no user can read the file, except the robot that has some kind of decryption key from the Orchestrator, so the robot can decrypt the workflow file while executing.

Something like this would be a inside UiPath implemented encryption, so no one could use these published workflow files, except for the robot itself.
This would be important to sell customers complete implemented robots without revealing anything about the know-how. Also it will gain the ability to control that the customer doesn’t copy the robot without permission.


#12

And for data security it would be nice to have the workflows encrypted on server.

we will build an automated md5-check to proof our workflows are unchanged after development, but it is not an ideal solution!