search

cossacklabs / acra

Database security suite. Database proxy with field-level encryption, search through encrypted data, SQL injections prevention, intrusion detection, honeypots. Supports client-side and proxy-side ("transparent") encryption. SQL, NoSQL.
https://www.cossacklabs.com/acra/
Apache License 2.0
1.32k stars 128 forks source link

Ask: How to use Masking? #690

Closed fawwazid closed 8 months ago

fawwazid commented 8 months ago

Hello Acra,

Is there an example of using Masking for Insert and Select queries in MySQL using only Acra-Server?

Thank you.

vixentael commented 8 months ago

@fawwazid Here is a docker-baser Acra engineering example with MySQL and AcraServer that uses masking https://github.com/cossacklabs/acra-engineering-demo/blob/master/python-mysql-postgresql/README.md

You can see the column "masking" and its configuration setting (symbols to use as mask, where to mask left or right) in the encryption config: https://github.com/cossacklabs/acra/blob/master/examples/python/extended_encryptor_config.yaml#L20

Docs about masking https://docs.cossacklabs.com/acra/security-controls/masking/

fawwazid commented 7 months ago

Hi @vixentael,

Can Acra Masking use regex patterns?

vixentael commented 7 months ago

Acra Community Edition does not support regex for masking, as it's more sophisticated control, but it might be possible for Acra Enterprise Edition.