Skip to main content

Data Protection Gateway

This demo shows how you can use a tool like CipherTrust Data Protection Gateway and do field level data encryption with no change to your application's code.


How does it work?

Step 1 - Add side-car container

You need to deploy a sidecar container or an agent that proxies all your requests to your container.

It looks something like this if you use docker-compose. Note - You can use DPG and CipherTrust manager with any other Kubernetes or Helm deployment.

version: '3.1'

image: thalesgroup/ciphertrust-data-protection-gateway:latest
container_name: ciphertrust
- DESTINATION_URL=http://nextjs:3000
- DPG_PORT=9005
- 80:9005

Step 2 - Configure DPG policies

Setup DPG policies in CipherTrust Manager to encrypt the fields that are encrypted for your POST requests and add a decrypt policy for your HTTP "GET" requests.

This ensures that the proxy takes care of the encryption and decryption and the database finally ONLY gets encrypted data.

dpg policy example

Step 3 - Sit Back and Relax

Let CipherTrust Manager do all the magic for you while you focus on building great applications.

For any questions or to request a tutorial check out our community forum.