Created by: vixentael
What is this Python project?
Acra is a network encryption proxy to protect databases and database-based applications from data leaks, allowing greater security for distributed applications via cryptography and intrusion detection.
AcraWriter is a part of Acra suite, a client-side library, which integrates into the app flow either through ORM or directly, and provides the means to encrypt the sensitive data.
What's the difference between this Python project and similar ones?
Acra doesn't have similar projects, however you might think about Vault's Encryption as a Service engine, but deployed in your own infrastructure, without leaking keys anywhere.
- Acra allows to selectively encrypt sensitive records with strong multi-layer cryptography in client-side application. Client-side app doesn't have decryption key, thus compromising app won't lead to stealing key and decrypting data in the database.
- Sensitive data is encrypted before being transmitted to the database, and decryption key is not stored on client side.
- Data is decrypted in trusted environment (on AcraServer).
- Acra allows to detect potential intrusions and SQL injections (using SQL firewall and poison records).
- Has SIEM integrations.
- Suits for distributed, microservice-rich environments.
- Has numerous examples and tutorials for Python client applications.
- Allows your application to cover GDPR articles 25, 32, 33, 34.
- Tested, supported, audited.
--
Anyone who agrees with this pull request could vote for it by adding a