DPG policy is a set of rules that determines when and how to protect/reveal sensitive data moving through DPG. DPG can protect/reveal any data that is transferred through HTTP with REST architecture in the JSON format. The sensitive data is specified at JSON path or in URL parameters. DPG allows you to configure on which data cryptographic operations is to be performed in HTTP methods. Protection of the sensitive data is governed by the Protection Policy associated with the DPG policy. At the time of reveal operation, DPG reads the access policy and displays the data according to the rules configured for the user set. The DPG policy is created and managed from the CipherTrust Manager UI or API playground.
DPG policy specifications
DPG allows association of different protection policies based on sensitive data. Each sensitive data to be protected/revealed will have their own protection policy.
DPG allows you to reveal the output in different formats for different user sets.
A user can choose the data to be protected or revealed in any combination of URL path, the REST methods, and their request/response.
Each application has its own DPG policy.
DPG can be configured to perform cryptographic operations for these methods.
DPG policy is created at the time of configuring Application. Refer to Managing Applications for details.