awesome-postgres icon indicating copy to clipboard operation
awesome-postgres copied to clipboard

Add Acra, database protection suite [security]

Open vixentael opened this issue 6 years ago • 0 comments

What is Acra?

Acra data leaks prevention suite enhances your database with strong encryption, SQL firewall and intrusion detection system.

Acra allows to selectively encrypt sensitive records with strong multi-layer cryptography in client-side application. Sensitive data is encrypted before being transmitted to the database, and decryption key is not stored on client side, neither on the database side.

Thus compromising both client-side application and database server won't lead to stealing key and decrypting data in the database.

Acra + client applications

AcraWriter is a part of Acra suite, a client-side library, which integrates into the app flow either through ORM or directly, and provides the means to encrypt the sensitive data.

AcraServer parses every SQL query from the client application to the database. It allows to detect potential intrusions and SQL injections (using SQL firewall and poison records).

PostgreSQL support

Acra supports PostgreSQL 9.4+, supports complicated queries and prepared statements.

vixentael avatar Jul 27 '18 15:07 vixentael