Alfresco

Custom Content Encryption in Alfresco Community

Alfresco is a leading open-source ECM (Enterprise Content Management) system. Modern companies, irrespective of their size and business model can leverage the benefits of the feature-rich Alfresco Community Edition. As an entrepreneur, you can consult a reputed and robust Alfresco development company to build a customized ECM powered by Alfresco.

The Alfresco Community Edition enables users to store the corporate documents in a ‘content store’ which is a normal file system. It is an open file system for all users including server administrators, developers, and maintainers. In this system, all the content (documents) can be stored in the form of a .bin file.

The file names within the content stores are referenced through GUID which is maintained within the database. Specifically, in the Alfresco community edition, these .bin files can be converted back to the original document by changing their extensions if the original extensions are known.

These content stores are often exposed during the backup and restoration of the repository in the document management system. If the documents are confidential then there is always a risk of getting these documents into the wrong hands. Therefore, we have developed a custom encryption component that encrypts every document within the Alfresco instance before it gets stored.

As the encryption is being done at the time of the documents/content being stored to the content store, encryption will be the background process. Similarly, the document will be decrypted while accessed within the Alfresco only by Alfresco users.

The best part of the component is- it does not affect the content which is already present in the content store. It means the component can be applied to the Alfresco instance already having content, which is in use. The component will start encrypting the content right from the implementation.

Technical Details

  • We have implemented custom encryption using AES with CTR mode of Encryption algorithm.for the alfresco community edition.
     
  • The encryption operation is performed as and when the document/content being stored in the content store.
     
  • AES Algorithm detail

- AES (Advanced Encryption Standard) with CTR(Counter) mode Encryption
- 16 bytes key to encrypt-decrypt
- 16 bytes Initialization Vector(IV) param
 

  • Classes Overridden for Encryption
     

The following classes are being used internally while creating a unique .bin file at the physical content store. We have to override these classes to encrypt the content before they get stored in the content store.

org.alfresco.repo.tenant.TenantRoutingFileContentStore
org.alfresco.repo.content.filestore.FileContentStore
org.alfresco.repo.content.filestore.FileContentWriter
org.alfresco.repo.content.AbstractContentWriter
org.alfresco.repo.content.LimitedStreamCopier
 

  • Classes Overridden for Decryption

These two classes are used to read the content from the content store. Normally, these classes expect the normal content from the nodes which have been stored in the content store. As we have are encrypting the content of a node before it gets stored in the content store, we have to override these classes to decrypt the content using the decryption key.

org.alfresco.repo.content.filestore.FileContentReader
org.alfresco.repo.content.AbstractContentReader
 

  • Performance

These encryption and decryption of content are adding little extra operations to the process of storing and retrieval of content. However, it will not affect the user experience if the server configuration is done according to the standard recommendation by Alfresco.

Talking about the benefits of customized content encryption in the Alfresco document management system, we can include the following ones-
 

  • Security for stored or archived content
  • Does not affect other features and operations
  • Custom encryption key restricts decryption of the content outside the alfresco without key
  • Does not affect old or existing content of the content store and indexing

Tridhya Tech is a renowned Alfresco development company with a team of highly skilled and certified Alfresco developers. We can come up with a user-friendly and feature-rich document management system for companies of all sizes and irrespective of industry sectors.

You can contact us by sending an email at [email protected]. Our expert consultants are happy to help you!

#CTA-1#

How to Set Workflow Due-date Reminder in Alfresco DMS

Read more
A Preparation Guide for Alfresco Certified Engineer Test

Alfresco

A Preparation Guide for Alfresco Certified Engineer Test

This blog serves as a comprehensive preparation guide for individuals planning to take the Alfresco Certified Engineer test, offering valuable insights, resources, and tips to help them succeed in the certification exam.

Alfresco

Running Alfresco AngularJS Application (0.5.1) without Activiti Explorer

This blog may explain how to run an Alfresco AngularJS application version 0.5.1 independently without the need for Activiti Explorer, offering insights for developers on deploying and utilizing the application in a standalone fashion.

Transform Your Business With Digital Enterprise Solutions

Contact us

Our Offices

INDIA AHMEDABAD, INDIA

401, One World West, Nr. Ambli T-Junction 200, S P Ring Road, Bopal, Ahmedabad, Gujarat 380058

UK
UK

Kemp House 160 City Road, London, United Kingdom EC1V 2NX

GERMANY GERMANY

Nürnberger Str. 46 90579 Langenzenn Deutschland

AUSTRALIA AUSTRALIA

Level 36 Riparian Plaza, 71 Eagle Street, Brisbane, QLD 4000

USA USA

4411 Suwanee Dam road, Bld. 300 Ste. 350 Suwanee GA, 30024

SOUTH AFRICA SOUTH AFRICA

Cube Work Space, 24 Hans Strijdom Avenue, Cape Town

UAE DUBAI, UAE

B 503 Sama Tower, Sheikh Zayed Road, United Arab Emirates