Bot Framework / LUIS Privacy Considerations

0
votes

I'm trying to understand the route a message takes when sent to and from a messaging channel to a bot built using Microsoft Bot Framework.

From this overview: https://docs.microsoft.com/en-us/bot-framework/overview-how-bot-framework-works, it seems that the message goes:

Channel (e.g Skype / Slack etc) -> MS Bot Connector Service -> my Bot web app -> MS LUIS Service

is this correct?

I'm ignoring the Bot Connector State Service in this instance since I will override it and use Cosmos (as detailed here: https://docs.microsoft.com/en-us/bot-framework/dotnet/bot-builder-dotnet-state)

Therefore when thinking about privacy of the information sent by a bot we need to consider:

Am I missing anything in this?

2
c#azurebotframeworkprivacyazure-language-understanding
Looks correct to me. And all traffic is HTTPS. Another couple potential path are Application Insights and IActivityLogger. Along with external services like other Cognitive Services and/or 3rd party APIs.Joe Mayo

2 Answers

1
votes

You should take a look at my answer here which addresses some of your concerns. The tl;dr of that answer is when using 3rd party channels, the connectors don't store any of the messages, they just convert and route them. For Microsoft channels, the messages are stored for up to 24 hours for queuing and dispatching the messages. The flag you asked about for Bot Framework currently does not exist.

LUIS stores data for users to use to improve their models, this data is not used to improve the service in anyway. Additionally, this data is encrypted at rest.

0
votes

Yeah you are correct, first from a specific channel it goes to the Bot Connector which patches it to the appropriate LUIS or QnA Maker Cognitive Service API.

Messages are sent to LUIS in the MSFT server and are secure over a https endpoint which means they are encrypted.

Bot Connector stores the context in IBotDataBag where data is stored in key-value pairs like a dictionary which is persistent across all channels.