Message-Level Security in Serverless Integration Built on Kumologica
This article shows how to implement 256 bit AES encryption for messages using Kumologica Encryption node.
Join the DZone community and get the full member experience.Join For Free
In today’s world, business relies heavily on digital infrastructure to maintain both the economic and social fabric of our society. This comes with greater responsibility for enterprise IT teams to ensure the security of data at rest and in transit. Enterprise businesses follow different security compliance protocols like GDPR to ensure maximum security for the data and infrastructure.
When it comes to security in the integration world, the security of data in transit is vital. In some business domains such as banks, medical & pharma, defense, etc. where sensitive data flows across different systems, the criticality is multifold. Transport-level security and message-level security are the most common security levels enforced when services are integrated between client and server or between servers. Multiple intermediary systems could exist between two end points when integrated. In such cases, message-level encryption (MLE) ensures that the content is encrypted during the intermediate hops where the traffic itself might be un-encrypted before it reaches the target system.
In this article, we will learn how to achieve message-level encryption using the AES 256 bit algorithm in a serverless integration flow with Kumologica. For those who are new to Kumologica, I recommend going through our articles and YouTube videos to get more insight. Kumologica is one of the early players in this space and brings the benefits of low-code integration in traditional integration to the new world of serverless.
In this use case, we have a credit card processing service that is going to invoke an internal credit card verification service. Since this is an intra-service communication, TLS security is not enabled. The message content flowing between the credit card processing service and verification service has to be encrypted using AES 256 bit encryption.
- Kumologica Designer installed on your machine: https://kumologica.com/download.html
- All keys generator: https://www.allkeysgenerator.com/
The implementation of the service will only focus on the message encryption mechanism and not on any functional logic related to credit card processing or verification.
Credit card verification service:
Opinions expressed by DZone contributors are their own.