Whether the data being inserted into the ssg DB is encrypted or not

book

Article ID: 223170

calendar_today

Updated On:

Products

CA API Gateway API SECURITY CA API Gateway CA API Gateway Enterprise Service Manager (Layer 7) CA Mobile API Gateway CA Rapid App Security STARTER PACK-7

Issue/Introduction

When GATEWAY inserts data into ssg DB, can GATEWAY encrypt the data and insert it?

 

Environment

Release : 10.0

Component :

Resolution

Most of the database can encrypt the data, usually database encryption is done on database side, not have to do it on application side (such as the gateway).

The mysql doesn't encrypt data by default, it can be enabled as per mysql documents,

https://dev.mysql.com/doc/refman/5.7/en/innodb-data-encryption.html

https://www.percona.com/blog/2016/04/08/mysql-data-at-rest-encryption

On gateway side, confidential data will be encrypted before insert into ssg database, such as the password of internal user, the stored password, the keystore of private keys, etc.