Model Obfuscator
The Model Obfuscator enables users to share models containing sensitive, proprietary, restricted, or classified information, while maintaining the models size and shape, with Vitech Customer Support or other external stakeholders, without a need to know by obfuscating (making difficult to understand) the models contents during the export process. Replicating issues and model behavior encountered by users with the actual models size and shape greatly assists with resolving customer support cases.
Vitechs obfuscation operation executes via a one-time data transformation to meaningless alpha-numeric strings. It does not use an encryption mechanism, which means that GENESYS obfuscated model data can never be decrypted or reverse engineered.
Changes in model shape and size can affect model execution and software performance, so the obfuscation process attempts to retain the size of the original model as closely as possible (note that some small changes are impossible to avoid due to the removal of Rich Text Format and external links, to name a few), increasing the likelihood of customer support being able to replicate issues and resolve them.
Obfuscation Process Overview
In general, the obfuscation process transforms each entitys attributes (except integers and number specs) and other viewable metadata into meaningless alpha-numeric strings of the same length to preserve each data elements size. This results in an irreversible transformation of the model. As the default setting, parameters, integers, and number specs are not obfuscated, as obfuscating them will impact the behavioral simulator and any parametric calculations, which could be important to the customer support case. However, parameters, integers, and number specs can be optionally obfuscated during the Export process (see the section titled OBFUSCATION EXPORT for more information).
The following sections describe aspects of the obfuscation process in more detail.
Attribute Types that are Always Obfuscated
All attribute values of the following types are obfuscated with a model obfuscation export:
- Boolean - values are always set to true
- Collection
- Hierarchical Number
- String
- Text
Embedded Images
If images are attached or embedded in a text cell, the image files will be removed during the obfuscation process. This operation can change the size of the saved object.
RTF Formatting
Any Rich Text Formatting (RTF) applied to any attributes of type string will be removed during the obfuscation process. This operation can slightly change the size of each string.
Reference Spec External Links
The External file Paths (which are of type Reference Spec) are cleared upon obfuscation. This also applies to Node Image external graphic links (which are also of type Reference Spec) selected to represent nodes. More generally, this applies to all attributes of type Reference Spec since a file reference path could provide valuable intelligence about the IT environment or local machine hosting the application to a bad actor.
Attribute Version History
All version history is cleared for any attribute that has Version History enabled within any class. This is necessary since attribute field history and username information could otherwise cause employee, project, company, and product sensitive information to be unintentionally disclosed.
Created, Modified, and Audit Log Information
The Created, Modified, and Audit Log properties on the Property Sheet for all elements will be cleared as part of the obfuscation process. The Created and Modified properties will display as Unknown. This is to ensure that employee, project, company, and product sensitive information is not disclosed unintentionally.
|
NOTE: |
If the Created by field contains Vitech, the information is not proprietary, sensitive, or classified, since it was provided by Vitech and is in the public domain. These entities are excluded from the obfuscation process. |
Stored Views
View names will appear obfuscated on the View drop-down list on the Diagram ribbon. Diagram and entity names, etc. will appear obfuscated on the diagrams.
User Selectable Obfuscation Options
GENESYS provides four optional obfuscation options. Each is described below.
Obfuscate Schema
If the schema has been customized and deemed to have proprietary, sensitive, restricted, or classified information in it, those specializations can be obfuscated. Obfuscating the schema does not change the names of each customized class, but it will obfuscate all following fields for each class:
- Abbreviation
- Alias
- Description
- Creator
- Creation Stamp
- Enumerations
- Modifier
- Modification Stamp
- Initial Value (applies to entity and relationship attribute definitions)
|
NOTE: |
Users should be aware that if they customize the schema, the names of the objects that they create will be viewable. Since aliases are obfuscated, the best practice recommended by Vitech is to give the object a cryptic name and give the alias a friendly name for internal use. |
The image below shows obfuscation with all options checked:
The image below shows obfuscation with the options not checked:
The image below shows obfuscation with only the schema:
Since the baseline GENESYS schema is in the public domain, it does not contain proprietary, sensitive, restricted, or classified information and therefore does not need to be obfuscated.
Randomize Numerical Parameters
A user may optionally select to obfuscate all numerical parameter values for all project elements. This applies to all parameter types: Objective, Minimum, Maximum, Design, Observed, and Precision. The Units field is a text string field and is obfuscated like all other text string fields if this option is selected.
|
NOTE: |
Randomizing numerical parameters can potentially affect parametric calculation results and behavioral simulations which could in return affect customer support cases. Users should consider these effects before selecting this option. |
Randomize Distribution and Timeouts
A user may optionally select to obfuscate durations and timeouts used in activity-based classes. If the attribute is a Number Spec, constant values will be obfuscated according to the standard obfuscation technique for a float data type. For constant, randomization types, the initial value distribution type will be randomly changed to another option and the mean and standard deviations will be randomized. For script types, the script is set to NULL, meaning that any previous script content is removed.
|
NOTE: |
Randomizing numerical durations and timeouts can affect the results of behavioral simulations which could in return affect customer support cases. Users should consider these effects before selecting this option. |
Remove all Entity Related Scripts
A user may optionally select to remove all entity-related scripts from the model. Selecting this option sets the script attribute value to NULL. This causes the Simulator to use a default value.
|
NOTE: |
Scripts are often used in behavioral simulations. Selecting the option to obfuscate scripts could impact simulation results or cause them not to execute. It could also impact the ability to reproduce customer support issues. |
Obfuscation Export
The obfuscation process is included in the GENESYS software as part of the Export Utility.
|
NOTE: |
It is recommended that customers save a backup copy of their project models prior to performing the obfuscation process. |
1. To access the obfuscation feature in GENESYS, select the File menu and the Export option. Then, on the Export Options window that displays, select the Project Export with Obfuscation option on the Export drop-down list.
The default export options for the Project Export with Obfuscation export type are automatically selected in the Options list as shown below. See the Export help topic for more information on the export types and standard export options.
2. Selecting any of the options in the list from DOORS Attribute Mappings through Viewpoint Definitions will result in their inclusion in the export. Inclusion of any definitions, templates, and/or sets will obfuscate only the included items Name and Description with the exception that Definitions, Templates, and Rule Sets that are pre-packaged by Vitech as part of the out-of-the-box installation of GENESYS will not be obfuscated, as they are in the public domain.
3. If Table Definitions is selected, it will obfuscate the table definitions when using the Excel Connector as well as the built-in Table Views within GENESYS.
4. Four additional Obfuscation Options are available. When selected, these obfuscate additional parts of the models data structure. A summary of each option is provided below. For additional information, see the section entitled, USER SELECTABLE OBFUSCATION OPTIONS.
|
Obfuscate Schema |
Selecting this option will obfuscate the project's schema. It will not change any entity's name but will obfuscate: Abbreviation, Alias, Description, Creator, Creation Stamp, Modifier, Modification Stamp. This option obfuscates the base schema as well as any customizations made by the project's users. |
|
Randomize Numerical Parameters |
Selecting this option will result in all numerical parameter values being obfuscated for all project elements. It will impact the results of parametric calculations, which could be pertinent and meaningful to the customer support case. |
|
Randomize Distribution and Timeouts |
Selecting this option will result in any attribute of type Integer or Number Spec to have their values replaced with a random number. It will impact the results of simulations, which could be pertinent to the customer support case. |
|
Remove all Entity Related Scripts |
Selecting this option will replace all entity-related scripts with a hardcoded do-nothing script. These are often used in behavioral simulations, which could impact the ability to reproduce simulation results. These could potentially be pertinent to the customer support case. |
5. Select the project on the left side of the Export Options window and click OK.
6. Browse to the location where you want to save the obfuscated file.
GENESYS saves the file with the project name and a .gnsx file extension (e.g., SAMPLE Geospatial Library.gnsx).
Obfuscated Model Import
A model that has previously been exported in an obfuscated format may later be imported into the same or another instance of GENESYS. All users accessing the obfuscated model will see the model content in its obfuscated form according to the rules specified in this file.
As a best practice, the user that performed the obfuscation export should do an import of the project to a NEW project, not the previously associated project. GENESYS will recognize the obfuscated file to be the same as the original project, and if it is imported back to the original file, the original content will be overwritten with obfuscated content.
Once imported to a new project, the user can check the Statistics tab to ensure that the number of entities in the obfuscated file matches the number of entities in the original project prior to obfuscation.
