- All Ocapi instances are hosted behind an HTTPS load balancer.
- All challenges are identified by a random unique UUID.
- Partners authenticate using JSON Web Tokens, with algorithm HS512 (HMAC using the SHA-512 hash algorithm).
- No cryptographic primitive is implemented by Teklia; we rely on well-known and supported libraries.
Each challenge we send to a user (transcription or classification mode) has 2 types of data:
- annotated data, where we already know the answer,
- unknown data, where we do not know the answer.

This means that we validate the user's challenge on a subset of the data sent to them:
- for a classification challenge, we know at least 50% of the classes,
- for a transcription challenge, we know one of the two images.
A user should not be able to easily cheat this system as he has no way of knowing which images are already annotated. A potential attack vector here is to request a lot of challenges and statistically identify which images are the most frequent; this would require a lot of time, and could be avoided by a rate-limiting system on our side.
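The validation scheme described above, sketched as an added example (this is not Ocapi's own code). The `Challenge` class, the function names and the sample image identifiers and classes are assumptions made for illustration.

```python
import math
import secrets
import uuid
from dataclasses import dataclass

_rng = secrets.SystemRandom()  # OS CSPRNG, so sampling and order are not predictable


@dataclass
class Challenge:
    id: str         # random UUID identifying the challenge
    images: list    # what the user receives: image ids only, shuffled
    expected: dict  # server-side only: image id -> known class (annotated data)


def build_challenge(annotated, unknown, size=6):
    """Mix annotated and unknown images so that at least 50% are annotated."""
    n_known = math.ceil(size / 2)
    known = _rng.sample(sorted(annotated), n_known)
    images = known + _rng.sample(unknown, size - n_known)
    _rng.shuffle(images)  # position must not reveal which images are annotated
    return Challenge(str(uuid.uuid4()), images, {i: annotated[i] for i in known})


def validate(challenge, answers):
    """Grade only the annotated subset; return (passed, labels for unknown images)."""
    for image, label in challenge.expected.items():
        # A missing or wrong answer on any annotated image fails the challenge.
        if answers.get(image) != label:
            return False, {}
    # Answers on unknown images cannot be graded; keep them as candidate
    # annotations only when the user passed the annotated subset.
    candidates = {i: answers[i] for i in challenge.images
                  if i not in challenge.expected and i in answers}
    return True, candidates


# Constructed sample data (not from Ocapi).
ANNOTATED = {"img-a": "cat", "img-b": "dog", "img-c": "cat", "img-d": "bird"}
UNKNOWN = ["img-x", "img-y", "img-z"]

if __name__ == "__main__":
    ch = build_challenge(ANNOTATED, UNKNOWN)
    print(ch.id, ch.images)
```

The `expected` mapping never leaves the server: the user only sees `images`, which is why the verdict cannot be tied to any particular image from a single challenge.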
For reference, we had an uptime of 99.95% over the year 2020 (meaning a maximum of 21 minutes of downtime per month).
Private key lost or compromised by partner
If the partner's private key is lost or exposed (which should not happen unless a leak occurs on the partner's infrastructure), an attacker can merely check the state of known challenges (enumerating UUIDs would be practically impossible).
Partners are not allowed any write action on the Ocapi instance.
Furthermore, we can easily revoke the key and create a new one once contacted about the issue. The leaked private key would immediately become inoperable.