Default banner

Developer APIs for Key Management and Encryption

CipherTrust Application Data Protection

CipherTrust Application Data Protection offers simple-to-use, powerful software tools for application-level key management and encryption of sensitive data. The solution is flexible enough to encrypt nearly any type of data passing through an application. Application-layer data protection can provide the highest level of security, as it can take place immediately upon data creation or first processing and can remain encrypted regardless of its data life cycle state – during transfer, use, backup or copy. CipherTrust Application Data Protection can be deployed in physical, private or public cloud infrastructure to secure data even when it is migrating from one environment to another, without any modifications to existing encryption or data processing policies. CipherTrust Application Data Protection is a fusion of products formerly known as Vormetric Application Encryption and SafeNet ProtectApp.

  • Benefits
  • Features
  • Specifications

Centralized key management

Centralized key management enables developers to add security to applications, free from complex and risky alternative key management stores.

Accelerate Secure Application Development

With APIs for both PKCS#11 and KMIP and bindings for Java, C/C++, .NET and REST, more developers gain a faster start and can leverage the solution for more data protection use cases.

Leverage the cloud with utmost security

Architecture is both IaaS- and PaaS friendly, with keys that cloud administrators cannot access.

Offload crypto processing from application hosts

Leveraging CipherTrust Manager power cryptographic performance, simple configuration tells the architecture to encrypt there, saving application server CPU cycles.

Broad Key Support

The solution offers both symmetric and asymmetric keys to cover a vast range of use cases.

Many Architecture Choices

The solution offers development flexibility, provided with a range of architecture and API choices. Developers can choose RESTful APIs to limit deployment footprint, leveraging both key management and crypto operations occurring on CipherTrust Manager. In addition, installable development libraries and APIs are available. Finally, another lightweight deployment option is to install the encryption and key management libraries on a web server and access them from an application server using SOAP or REST APIs.

Automated Key Rotation

CipherTrust Application Data Protection features built-in, automated key rotation, and offers a wide range of cryptographic operations including encryption, decryption, digital signing and verification, secure hash algorithms (SHA), and hash-based message authentication code (HMAC).

Rich Ecosystem of Solutions

CipherTrust Application Data Protection provides key management and/or encryption services for a formidable ecosystem of solutions including Linux Unified Key Setup (LUKS) and key management for Transparent Data Encryption (TDE) vendors including Oracle, Microsoft SQL Server, and HashiCorp Vault, among many others.

Development Libraries and APIs

  • Java, C/C++, .NET
  • XML open interface, KMIP standard
  • Web services: SOAP and REST

Encryption Algorithms

  • Including 3DES, AES-256, SHA-256, SHA-384, SHA-512, RSA-1024, RSA-2048, RSA-3072, RSA-4096

Web Application Servers

  • Apache Tomcat, IBM WebSphere, JBoss, Microsoft IIS, Oracle WebLogic, SAP NetWeaver, Sun ONE, and more

Cloud and Virtual Infrastructures

  • Works with all major cloud platforms, including AWS, Azure, IBM Cloud, Google and VMware

Supported Platforms for ICAPI Provider

  • Red Hat Enterprise Linux 5.4 and above
  • Microsoft Windows 2003, 2008 R2, and 7 in both 32-bit and 64-bit