
Data Protection Gateway

This demo shows how a tool like CipherTrust Data Protection Gateway (DPG) can perform field-level data encryption with no changes to your application's code.

Pre-requisites

How does it work?

Step 1 - Add side-car container

Deploy a sidecar container or an agent that proxies all requests to your application container.

It looks something like this if you use docker-compose. Note: you can use DPG and CipherTrust Manager with any Kubernetes or Helm deployment as well.

docker-compose.yml
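version: '3.1'

services:
  ciphertrust:
    image: thalesgroup/ciphertrust-data-protection-gateway:latest
    container_name: ciphertrust
    environment:
      # Registration token issued by CipherTrust Manager for this gateway
      - REG_TOKEN=<YOUR_DPG_REG_TOKEN>
      # Upstream application that the gateway forwards requests to
      - DESTINATION_URL=http://nextjs:3000
      # Port the gateway listens on inside the container
      - DPG_PORT=9005
      # TLS is off here, so clients reach the gateway over plain HTTP
      - TLS_ENABLED=false
      # Address of your CipherTrust Manager instance
      - KMS=<YOUR_CM_IP>
    ports:
      # Host port 80 maps to the gateway listener
      - 80:9005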

Step 2 - Configure DPG policies

Set up DPG policies in CipherTrust Manager to encrypt the fields you want protected in your POST requests, and add a decrypt policy for your HTTP GET requests.

This way the proxy handles both encryption and decryption, and the database only ever receives encrypted data.

dpg policy example
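The database only receives encrypted data if every request actually passes through the gateway. The check below is an added example, not part of the original demo, that audits a compose definition for that; the `nextjs` service definition, its published port and the `example/app:1.0` image are constructed for illustration.

```python
from urllib.parse import urlparse

# Constructed sample: the page's gateway service plus a hypothetical "nextjs"
# app service (not shown on the page) that publishes its own port.
COMPOSE = {
    "services": {
        "ciphertrust": {
            "image": "thalesgroup/ciphertrust-data-protection-gateway:latest",
            "environment": [
                "REG_TOKEN=<YOUR_DPG_REG_TOKEN>",
                "DESTINATION_URL=http://nextjs:3000",
                "DPG_PORT=9005",
                "TLS_ENABLED=false",
                "KMS=<YOUR_CM_IP>",
            ],
            "ports": ["80:9005"],
        },
        "nextjs": {"image": "example/app:1.0", "ports": ["3000:3000"]},
    }
}


def env_of(service):
    """Turn a compose 'environment' list of KEY=VALUE strings into a dict."""
    return dict(item.split("=", 1) for item in service.get("environment", []))


def audit(compose, gateway="ciphertrust"):
    """Return a list of findings for the gateway deployment."""
    services = compose["services"]
    gw = services[gateway]
    env = env_of(gw)
    findings = []
    # Assumption: "true" is the enabling value, the opposite of the page's "false".
    if env.get("TLS_ENABLED", "").lower() != "true":
        findings.append("gateway listener has TLS disabled")
    # A missing tag or ":latest" means the deployed image can change silently.
    name = gw["image"].rsplit("/", 1)[-1]
    if ":" not in name or name.endswith(":latest"):
        findings.append("gateway image is not pinned to a version")
    # If the upstream app publishes ports, clients can skip the gateway and
    # their requests reach the app (and the database) unencrypted.
    upstream = urlparse(env.get("DESTINATION_URL", "")).hostname
    if services.get(upstream, {}).get("ports"):
        findings.append(f"service '{upstream}' publishes ports, bypassing the gateway")
    return findings


if __name__ == "__main__":
    for finding in audit(COMPOSE):
        print("FINDING:", finding)
```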

Step 3 - Sit Back and Relax

Let CipherTrust Manager do all the magic for you while you focus on building great applications.


For any questions, or to request a tutorial, check out our community forum.