Protecting Your Data in DevOps Process with Fortanix APIs in OpenAPI 3.1 Format

Asma Zubair
Asma Zubair
Priyanka Sharma
Published:Oct 11, 2023
Reading Time:5 mins
protecting your data in devops process

Introduction to Fortanix APIs

In our datacentric world, safeguarding sensitive information is not just essential; It is imperative. As data breaches and cyber-attacks continue to rise, data security becomes increasingly critical. Fortanix offers a comprehensive, flexible, and scalable data security platform with APIs that seamlessly integrate into any DevOps workflow. Read on for details.

The Data Security Landscape

The challenges in today's data security landscape are formidable:

Evolving Threats: The cyber threat landscape evolves rapidly, with attackers employing increasingly sophisticated techniques. Protecting data against these evolving threats is an ongoing battle.

Development Agility: In the age of DevOps and rapid development, integrating security seamlessly into the development pipeline is crucial. But finding the right balance between security and agility can be a challenge.

Data Proliferation: Data is generated at an astonishing rate and resides in various environments, from on-premises data centers to the cloud. Securing this dispersed data is a formidable task.

Regulatory Compliance: Organizations are subject to a web of stringent data protection regulations, from GDPR to HIPAA. Non-compliance can lead to significant fines and reputational damage.

The Ideal Data Security Solution

An ideal data security solution must meet specific criteria:

Advanced Key Management: The ability to securely generate, store, and manage cryptographic keys is essential. Keys need to be protected from theft or compromise, preferably within a Hardware Security Module (HSM).

Secrets Management: Securely managing secrets, such as API keys, passwords, and certificates, with robust access controls and auditing is essential. Secrets need to be securely managed throughout the pipeline, from development to deployment.

Tokenization of Sensitive Data: Tokenization is a technique for protecting sensitive data. It replaces sensitive information with non-sensitive placeholders while preserving functionality and usability. Tokenization ensures data remains confidential.

Seamless Integrations: The solution needs to seamlessly integrate into the development and DevOps workflow, ensuring that security is not an afterthought but an integral part of the process.

Fortanix Advantage with OAS 3.1 Compliant APIs

Fortanix offers a cutting-edge data security solution through a suite of APIs in OpenAPI 3.1 format, designed to meet and exceed the criteria for an ideal data security platform.You can review these APIs at Fortanix API References, import the specifications in Postman, or simply configure your client , authenticate and start using the Fortanix APIs.Listed below are a few examples that provide a quick peek into Fortanix APIs covering various use cases such as key management, secrets management, tokenization, detokenization, encryption, and decryption.

Getting Secrets or keys

To get secrets or keys for a given app, you can make a curl call as shown below:

curl --location '<Endpoint URL>/crypto/v1/keys' \
--header 'Authorization: Basic <API Key>’

Importing a Secret

To import a secret into DSM, you can use:

curl --location --request PUT '<Endpoint URL>/crypto/v1/keys' \
--header 'Authorization: Basic <API Key>' \
--header 'Content-Type: text/plain' \
--data '{
"name": "<Name of the secret>",
"obj_type": "SECRET",
"key_ops": [
"EXPORT",
"APPMANAGEABLE"
],
"value": "<Value of the secret in Base64 format>",
"enabled": true
}'

Encryption

Listed below is a sample curl command for encryption:

curl --location '<Endpoint URL>/crypto/v1/encrypt' \
--header 'Authorization: Basic <API Key>' \
--header 'Content-Type: application/json' \
--data '{
"key": {"kid": "<KeyID is the ID of the key created in DSM>"},
"alg": "AES",
"mode": "CBC",
"plain": "SGVsbG8gV29ybGQhCg=="
}'

Plain is the Base64 encoded text string that you want to encrypt (e.g., “Hello World!”).

Decryption

Listed below is a sample curl command for encryption:

curl --location '<Endpoint URL>/crypto/v1/decrypt' \
--header 'Authorization: Basic <API Key>' \
--header 'Content-Type: application/json' \
--data '{
"key": {"kid": "<KeyID is the ID of the key created in DSM>"},
"alg": "AES",
"mode": "CBC",
"cipher": "<Cipher that you obtained from encrypt call>",
"iv": "<Initialization vector obtained from encrypt call>"
}'

Tokenization

Listed below is a sample curl command for Tokenization:

curl --location '<Endpoint URL>/crypto/v1/encrypt' \
--header 'Authorization: Basic <API Key>' \
--header 'Content-Type: text/plain' \
--data '{
"key": {"kid": "<ID of the security object (in DSM) with type set to tokenization>"},
"mode": "FF1",
"alg": "AES",
"plain": "dGVzdEB0ZXN0LmNvbQ=="
}'

Plain is the Base64 encoded text string that you want to tokenize (e.g., “test@test.com”).

Detokenization

Listed below is a sample curl command for Tokenization:

curl --location '<Endpoint URL>/crypto/v1/decrypt' \
--header 'Authorization: Basic <API Key>' \
--header 'Content-Type: text/plain' \
--data '{
"key": {"kid": "<ID of the security object (in DSM) with type set to tokenization>"},
"mode": "FF1",
"alg": "AES",
"cipher": "<Cipher that you obtained from encrypt call>",
}'
Conclusion

To summarize, Fortanix's APIs in OpenAPI 3.1 format deliver robust data security capabilities ensuring the confidentiality and integrity of your data while navigating the complex landscape of technology and regulations.

To explore Fortanix's data security offerings and unleash the power of Fortanix APIs, visit Fortanix API References. Your data protection journey starts here.

Related Read: How to Protect Sensitive Data in Virtual Environments

Share this post:
Fortanix-logo

4.6

star-ratingsgartner-logo

As of August 2023

SOC-2 Type-2ISO 27001FIPSGartner LogoPCI DSS Compliant

US

Europe

India

Singapore

US:

3910 Freedom Circle, Suite 104,
Santa Clara CA 95054

+1 408-214 - 4760|info@fortanix.com

Europe:

High Tech Campus 5,
5656 AE Eindhoven, The Netherlands

+31850608282

India:

UrbanVault 460,First Floor,C S TOWERS,17th Cross Rd, 4th Sector,HSR Layout, Bengaluru,Karnataka 560102

+91 080-41749241

Singapore:

T30 Cecil St. #19-08 Prudential Tower,Singapore 049712