How to Secure REST based Legacy Applications?

If legacy applications use REST services to receive and send data, they can be secured simply by using the Proxy Manager provided by CipherWorks.

Unsecured Legacy Applications

[Figure: Legacy_REST_Before.png]

Most enterprises move unencrypted sensitive data across many systems, so the sensitive data ends up spread all over the enterprise. This kind of ‘sensitive data diffusion’ brings many of the enterprise systems under the scope of compliance and makes the data more vulnerable to internal and external threats in multiple systems. To relieve these systems from the scope of compliance and to secure the data, it is necessary to encrypt the sensitive data in all of the systems. This would require application code changes, which are very expensive and disruptive to operations.

Secure Legacy Applications with no code change

[Figure: Legacy_REST_After.png]

Legacy applications that use REST services to send and receive data can be secured without making any code change. Once the Service Proxy is configured, REST service traffic is routed through the CipherWorks Proxy Manager. Proxy Manager automatically detects sensitive data in the request and response streams of GET/PUT/POST/DELETE operations and encrypts or decrypts it. This does not require any change to your legacy applications. Here are the general concepts behind how it works:

Data Classification Catalog

Contains the Resource Name and JSON Path details of the sensitive data that requires semantic encryption.

Privileged Mode

If this mode is enabled, the sensitive data elements in the query will be automatically decrypted before the data is returned to the client. 

Secured Mode 

If this mode is enabled, the sensitive data elements in the requested data will NOT be decrypted when the data is returned to the client. The requested data will be returned to the client in the semantically encrypted form.
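
The three concepts above can be sketched as a catalog-driven transform on JSON bodies. This is an added illustration, not CipherWorks code or its API. Assumptions: the catalog is a plain dict, JSON paths are simplified to dotted keys, the function names are hypothetical, and an in-memory token vault stands in for the product's semantic encryption.

```python
import copy
import secrets

# Constructed catalog: resource name -> dotted paths of sensitive fields (assumed format).
CATALOG = {"/customers": ["ssn", "payment.card_number"]}
_VAULT = {}  # token -> original value; stand-in for semantic encryption

def _protect(value):
    token = "tok_" + secrets.token_hex(8)
    _VAULT[token] = value
    return token

def _reveal(value):
    # Values that are not known tokens pass through unchanged.
    return _VAULT.get(value, value) if isinstance(value, str) else value

def _apply(doc, path, fn):
    """Apply fn to the field at a dotted path; skip documents that lack it."""
    *parents, leaf = path.split(".")
    node = doc
    for key in parents:
        node = node.get(key) if isinstance(node, dict) else None
    if isinstance(node, dict) and leaf in node:
        node[leaf] = fn(node[leaf])

def on_request(resource, body):
    """PUT/POST body heading to the legacy service: protect catalogued fields."""
    out = copy.deepcopy(body)
    for path in CATALOG.get(resource, []):
        _apply(out, path, _protect)
    return out

def on_response(resource, body, mode):
    """Response heading to the client: reveal fields only in privileged mode."""
    if mode not in ("privileged", "secured"):
        raise ValueError("unknown mode: %r" % (mode,))  # fail closed
    out = copy.deepcopy(body)
    if mode == "privileged":
        for path in CATALOG.get(resource, []):
            _apply(out, path, _reveal)
    return out

if __name__ == "__main__":
    # Constructed sample record.
    record = {"name": "Ada", "ssn": "078-05-1120", "payment": {"card_number": "4111111111111111"}}
    stored = on_request("/customers", record)
    print("stored:    ", stored)
    print("privileged:", on_response("/customers", stored, "privileged"))
    print("secured:   ", on_response("/customers", stored, "secured"))
```

Fields not listed in the catalog, and resources with no catalog entry, pass through untouched, so the catalog's coverage determines which data is actually protected.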