Bot Runtime security aspects

The Bot Runtime is the runtime environment that runs scripts. When a Bot Runtime interprets an script and run its commands, a bot is running. The Bot Runtime is a component available in all IBM RPA offerings.

The following list defines security aspects that are related to the Bot Runtime.

• Sandbox
  The Bot Runtime runs under an interactive Microsoft Windows session in a different encapsulated process, which is called a sandbox. This sandbox is a security measure to prevent unauthorized users from compromising the system by running bots outside the Bot Agent component.

  Only the Bot Agent can create Bot Runtime instances. The Bot Agent is responsible for coordinating all Bot Runtime operations within the same hosted computer.

• Concurrency
  Bot Runtime are independent environments where you can run multiple bots on the same host computer. For more information, see Concurrent running scripts.

• Authentication
  The Bot Runtime uses the privileges of the Windows Local System user session it is running on. You define what user session hosts a Bot Runtime when it deploys the script in the IBM RPA Control Center. The component that logs in to the computer is the IBM RPA credential provider. For more information, see IBM RPA Credential Provider.

• Chatbots' real-time communication
  When you run chatbot scripts, the Bot Runtime keeps a communication channel alive to the Chat API server to synchronize messages in real time. This communication channel uses HTTPS over TLS 1.2.

• Data encryption
  Data traffic between the Bot Runtime and the IBM RPA server is encrypted with HTTPS over TLS 1.2.