Header
(8.3.X) Critical Data Protection
In automation projects, the scripts deal with various user IDs and passwords. Qualitia securely stores this critical information in order to be more robust. The automation scripts maintain these passwords in encrypted mode to prevent exposure of original data unnecessarily.
Qualitia provides two approaches to encrypt data:
Using Environment Variables:
- Go to Setting > Environment Variable.
- Enter the critical data using ENCRYPT(...) token and press Tab to shift focus out of the cell.Â
After encryption, the data reflects as shown below:
Using Development Screen:
- Go to Development > Test Cases.
- Create a new test case or open an existing test case.
- Enter the critical data using ENCRYPT (…) token and move out from the cell.
This token uses static data as well as data sheet for encryption.
After encryption, the data reflects as shown below:
Using Encrypted Data in Test Case(s).
Qualitia provides the following actions to set encrypt data. ENCRYPT token is only used in the actions mentioned below:
- SecureSet
- SecureSetTextinCellEdit
- SecureStoreVariable
These actions decrypt the encrypted data first and then set the original decrypted value in a password field.
These actions decrypt critical data only when it is in encrypted state. If we try to pass a plain (non-encrypted) password to these actions, then rather than decrypting the data, it gives an error as "the value is not in encrypted format."
Limitations
- The actions are applicable to non-secured edit boxes as well. This should be allowed only for the password field; however, it can be done on normal edit boxes as well.
- There is no provision to store secured value at run-time in encrypted state.
- Data once encrypted cannot be decrypted, not even within the application. This is to ensure utmost security.
- Once you have entered the data and it is encrypted, there is no way to validate if it is correct. This can be an issue if incorrect data is entered and it gets encrypted.
- Data comparisons for secured data will only be done on the encrypted data.
Footer