Submitting Content Securely

To meet a top-priority need, ensuring that the information a patient provides online is submitted and stored securely, HCA sponsored the development of the "Secure Form" plugin.

This plugin, based on the dotCMS Form Handler functionality, adds the capability to encrypt the information submitted by an end user over an SSH connection and then transfer that information from a public dotCMS instance, available to internet users, to a private dotCMS instance accessed only from a private network.

From left to right and bottom to top in the picture: Yun Huang, Allison Page, Sasha Pickett, Diane Tomlins, Brian Traughber, and Aaron Clifford. They are part of the team that designed, installed, and tested the Secure Form Platform at HCA.

The process to submit forms securely works like this:

1. The form is created and added to a page in exactly the same way as it is currently done with the Form Handler functionality

On dotCMS instances where the Secure Form plugin has been installed, a set of default fields, in addition to those created by dotCMS, is automatically added to the form structure:

  • Form Submit Date stores the date and time when the form was submitted by the end user. This field will not be displayed in the front end for the user to set a value.
  • Email stores the email address of the person submitting the form.
  • Confirmation Title, Confirmation Message, and Confirmation From Email let you configure the subject, content, and from address of a notification email sent to users who submit the form, letting them know their information has been received. These fields will not be displayed in the front end for the user to set a value.
  • Secure Form ID is a unique identifier for each form instance submitted. This field will not be displayed in the front end for the user to set a value.
  • Disclaimer is a special custom field that, when kept in the form, allows the disclaimer policy information to be displayed and forces the user to accept before submitting the information.

2. The user accesses the page where the form has been published in the public instance

The form is added to the page in the public instance using the "Add Form" link in dotCMS Page Editor.

3. The information is submitted to the public instance and stored encrypted in a special Form Structure

The information submitted by the user will be stored encrypted in the public instance.

4. The private instance pulls the information temporarily stored in the public instance

A Quartz job is executed by the private instance to request the transfer of the information from the public server. How often this job runs can be set in the configuration file of the Secure Form plugin.
The example shown below executes the Quartz job every minute:

##Quartz Job Properties
quartz.job.name=Secure Forms Job
quartz.job.group=Secure Forms Job
quartz.job.description=Secure Forms Job
quartz.job.java.classname=com.dotcms.plugins.secureform.client.business.SecureFormsJob
quartz.job.cron.expression=0 0/1 * * * ?

5. The information is decrypted and stored in the private instance

Once the information has been transferred to the private instance, it is decrypted and stored to be accessed by users from a secure network.

6. The information is deleted from the public instance

The same Quartz job in charge of transferring the information also makes sure that the information is deleted from the public instance once it has been stored in the private instance.
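The ordering in steps 4 to 6 matters: the public copy should disappear only after the private copy exists. The sketch below is an added example, not the plugin's code; `PublicStore`, `pull_once`, the `sf-...` IDs, the retry-on-failure behaviour and the placeholder codec (the page does not name the cipher) are all assumptions made for illustration.

```python
import base64
import json


class PublicStore:
    """Constructed stand-in for the public instance's temporary form storage."""

    def __init__(self):
        self.pending = {}  # Secure Form ID -> encrypted submission

    def fetch_pending(self):
        return dict(self.pending)

    def delete(self, form_id):
        self.pending.pop(form_id, None)


def placeholder_encrypt(fields):
    # Placeholder codec, NOT encryption: the page does not name the plugin's cipher.
    return base64.b64encode(json.dumps(fields).encode())


def placeholder_decrypt(blob):
    return json.loads(base64.b64decode(blob, validate=True))


def pull_once(public, private, decrypt=placeholder_decrypt):
    """One job run (steps 4 to 6). Returns (transferred_ids, failed_ids)."""
    transferred, failed = [], []
    for form_id, blob in sorted(public.fetch_pending().items()):
        try:
            fields = decrypt(blob)
        except Exception:
            failed.append(form_id)  # keep the public copy so the next run can retry
            continue
        private.setdefault(form_id, fields)  # a re-delivered ID never overwrites
        public.delete(form_id)  # delete only once the private copy exists
        transferred.append(form_id)
    return transferred, failed


def demo():
    public, private = PublicStore(), {}
    public.pending["sf-001"] = placeholder_encrypt({"Email": "a@example.org"})
    public.pending["sf-002"] = b"%%corrupted%%"  # constructed undecryptable record
    first = pull_once(public, private)
    second = pull_once(public, private)  # nothing new: sf-002 still fails
    return first, second, sorted(private), sorted(public.pending)
```

A record that keeps failing stays on the public instance, so in this model the failed-ID list is the thing to alert on.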

In conclusion, the Secure Form plugin extends the Form Handler functionality to allow encryption and storage of the information submitted from any device on the internet to a dotCMS secure instance.

September 05, 2012
