Skip Navigation

CipherTrust Application Data Protection

CipherTrust Application Data Protection offers simple-to-use, powerful software tools for application-level key management and encryption of sensitive data. The solution is flexible enough to encrypt nearly any type of data passing through an application. Applicate-layer data protection can provide the highest level of security, as it can take place immediately upon data creation or first processing and can remain encrypted regardless of its data life cycle state – during transfer, use, backup or copy. CipherTrust Application Data Protection can be deployed in physical, private or public cloud infrastructure to secure data even when it is migrating from one environment to another, without any modifications to existing encryption or data processing policies.

CipherTrust Application Data Protection is deployed with CipherTrust Manager, an architecture that centralizes key and policy management across multiple applications, environments, or sites. The combined solution provides granular access controls that separate administrative duties from data and encryption key access. For example, a policy can be applied to ensure that no single administrator can make a critical configuration change without additional approval.

CipherTrust Application Data Protection from Thales CPL is available for sale to the U.S. Federal Government exclusively through Thales TCT.

  • Benefits

    Centralized key management

    Centralized key management enables developers to add security to applications, free from complex and risky alternative key management stores.

    Accelerate Secure Application Development

    With APIs for both PKCS#11 and KMIP and bindings for Java, C/C++, .NET and REST, more developers gain a faster start and can leverage the solution for more data protection use cases.

    Leverage the cloud with utmost security

    Architecture is both IaaS- and PaaS friendly, with keys that cloud administrators cannot access.

    Offload crypto processing from application hosts

    Leveraging CipherTrust Manager power cryptographic performance, simple configuration tells the archtecture to encrypt there, saving application server CPU cycles.

  • Features

    Broad Key Support

    The solution offers both symmetric and asymmetric keys to cover a vast range of use cases.

    Many Architecture Choices

    The solution offers development flexibility, provided with a range of architecture and API choices. Developers can choose RESTful APIs to limit deployment footprint, leveraging both key management and crypto operations occurring on CipherTrust Manager. In addition, installable development libraries and APIs are available. Finally, another lightweight deployment option is to install the encryption and key management libraries on a web server and access them from an application server using SOAP or REST APIs.

    Automated Key Rotation

    CipherTrust Application Data Protection features built-in, automated key rotation, and offers a wide range of cryptographic operations including encryption, decryption, digital signing and verification, secure hash algorithms (SHA), and hash-based message authentication code (HMAC).

    Rich Ecosystem of Solutions

    CipherTrust Application Data Protection provides key management and/or encryption services for a formidable ecosystem of solutions including Linux Unified Key Management (LUCKS) and key management for Transparent Database Encryption (TDE) vendors including Oracle, Microsoft SQL Server, and HashiCorp Vault, among many others.

  • Specifications

    Development Libraries and APIs

    • Java, C/C++, .NET
    • XML open interface, KMIP standard
    • Web services: SOAP and REST

    Encryption Algorithms

    • Including 3DES, AES-256, SHA-256, SHA-384, SHA-512, RSA-1024, RSA-2048, RSA-3072, RSA-4096

    Web Application Servers

    • Apache Tomcat, IBM WebSphere, JBoss, Microsoft IIS, Oracle WebLogic, SAP NetWeaver, Sun ONE, and more

    Cloud and Virtual Infrastructures

    • Works with all major cloud platforms, including AWS, Azure, IBM Cloud, Google and VMware

    Supported Platforms for ICAPI Provider

    • Red Hat Enterprise Linux 5.4 and above
    • Microsoft Windows 2003, 2008 R2, and 7 in both 32-bit and 64-bit

This site uses cookies to store information on your computer. Some are essential to make our site work properly; others help us improve the user experience.

By using the site, you consent to the placement of these cookies. For more information, read our cookie policy and our privacy policy.