CipherTrust Data Protection Gateway (DPG) allows enterprises to protect any sensitive data which is incoming or outgoing from a cloud-native application via REST API. DPG is designed from the ground up to seamlessly fit with existing cloud-ready applications. It is deployed as a sidecar and performs cryptographic operations transparently on behalf of the application. The application never has to know about encryption. Best of all, no code changes are necessary. DPG enables enterprises to centralized configure their cryptographic policies in a reusable, human-readable way and to deploy data protection that fits seamlessly within their native cloud deployment.
DPG is delivered as a standard Docker image and, as such, can be deployed in any Kubernetes environments or as a standalone Docker Container. The release contains new feature and bug fixes.
Added support of data-centric policies. It is now mandatory to configure access policy while creating protection policy. Follow the link for more information.
Support added to auto-renew client certificate. More information is provided here.
Support added to create static and dynamic masking formats. Static format creates masking format for the protect operation. Dynamic format creates masking format for the reveal operation. Click here to know more.
Added support of internal, external, and disable versioning in protection policy. Click here for more details.
From this release onward, there is a major change in how the protection policy version header details are returned to the user. A 7-digit length (1 001 000) is reserved for the version bytes. Refer to the DPG Upgrade section for details.
This release onward, DPG will use REST interface to fetch keys form the CipherTrust Manager. Refer to the DPG Upgrade section for details.
Implemented access policy for mapped character sets. During the reveal operation, the access policy will only be applied to characters that are part of the character set; characters outside the character set range will be preserved.
Features in this release are compatible with CipherTrust Manager 2.8 and higher versions.
The following issues are fixed in this release.
|When multiple parallel requests are sent to DPG, data in a few requests differs from the actual ciphertext.