Base Chat's Security System
Base Chat implements multiple layers of protection to ensure the security of knowledge data throughout its lifecycle:
Transport layer protection
- End-to-end encryption: TLS 1.2+ is mandatory for all API communication
- Token-based authentication: Short-lived JWTs replace traditional session cookies
- Request signing: HMAC signatures are required for critical operations to prevent man-in-the-middle attacks
Data storage security
- Field-level encryption: Sensitive information is encrypted with AES-256 before it is stored
- Principle of least privilege: Database accounts are granted read and write access by function
- Automatic masking: Sensitive information in log records is automatically replaced with hash values
Operations and maintenance security measures
- Key management: Encryption keys are managed via AWS KMS or HashiCorp Vault
- Vulnerability scanning: Dependency libraries are upgraded automatically, with regular security audits
- Backup Strategy: Incremental daily and full weekly backups of knowledge base data
Users are advised to enable SSL connections to PostgreSQL and to restrict external access to database ports at the firewall, building a defense-in-depth system. The system also supports IP whitelist configuration and two-factor authentication to further enhance security.
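The request-signing item above, sketched as an added example (not Base Chat's own code): an HMAC-SHA256 signature over method, path, timestamp and body digest, verified in constant time with a freshness window. The canonical string layout, the request fields, the 300-second window, the key and the /api/documents/42 path are all assumptions made for illustration.

```javascript
// Added example: HMAC-SHA256 request signing with a freshness window.
// Field names, canonical string and key are assumptions, not Base Chat's API.
const crypto = require("node:crypto");

const MAX_SKEW_SECONDS = 300; // assumed window: reject requests outside +/- 5 minutes

// The canonical string binds method, path, timestamp and a digest of the body,
// so changing any one of them invalidates the signature.
function canonicalize(method, path, timestamp, body) {
  const bodyHash = crypto.createHash("sha256").update(body).digest("hex");
  return [method.toUpperCase(), path, String(timestamp), bodyHash].join("\n");
}

function signRequest(key, method, path, timestamp, body) {
  return crypto
    .createHmac("sha256", key)
    .update(canonicalize(method, path, timestamp, body))
    .digest("hex");
}

// Returns "ok", "stale" or "bad-signature".
function verifyRequest(key, req, nowSeconds) {
  if (!Number.isInteger(req.timestamp) ||
      Math.abs(nowSeconds - req.timestamp) > MAX_SKEW_SECONDS) {
    return "stale";
  }
  const expected = Buffer.from(
    signRequest(key, req.method, req.path, req.timestamp, req.body), "hex");
  const given = Buffer.from(String(req.signature), "hex");
  // timingSafeEqual throws on a length mismatch, so compare lengths first.
  if (given.length !== expected.length ||
      !crypto.timingSafeEqual(given, expected)) {
    return "bad-signature";
  }
  return "ok";
}

// Constructed sample: a "critical operation" against a hypothetical endpoint.
const key = Buffer.from("constructed-demo-key-not-a-real-secret");
const now = 1700000000;
const sample = { method: "DELETE", path: "/api/documents/42", timestamp: now, body: "" };
sample.signature = signRequest(key, sample.method, sample.path, sample.timestamp, sample.body);

console.log(verifyRequest(key, sample, now));
console.log(verifyRequest(key, { ...sample, path: "/api/documents/43" }, now));
console.log(verifyRequest(key, sample, now + 3600));
```

A request replayed inside the window still verifies here; a server-side cache of seen nonces or signatures closes that gap.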
This answer comes from the article "Base Chat: A Multi-Tenant Chatbot for Building Knowledge Bases Based on Ragie".