DCP Cloud Native Integration

Department of Computer Science and Engineering

Project Abstract

One of comforte's key focus areas is enterprise wide data-centric protection. There are various mechanisms that can be used for data-centric protection, with one of the most prevalent ones nowadays being tokenization, more specifically, security tokenization, aka. low value tokenization. comforte today offers a data-centric protection suite, SecurDPS, which includes tokenization as one of the key techniques to protect sensitive data.

The general goal of comforte is not just to provide the protection technology, but also to make it as easy as possible for customers to integrate SecurDPS in various applications and services. Given the continuously growing adoption of cloud(-native) frameworks, technologies and new architecture paradigms like "serverless" or "Function as a Service" (FaaS), the overarching goal of this project is to make integration of SecurDPS into cloud(-native) environments easy. The integration of SDPS in FaaS enables us to extrapolate the benefits of the as-a-Service platform including but not limited to reduction in cost for server management, pay for what you consumed, event driven function invocation in almost any languages, and much more.

To achieve this overarching goal the key objective of this project is to design and build the capabilities to allow consumption of protection service provided by SecurDPS in a serverless/FaaS way, and in support of some key serverless/FaaS frameworks. We successfully built these capabilities with 4 frameworks, OpenFaaS, Knative, Kubeless, and Azure Functions. Our implementation allows users to easily access these tokenization services from anywhere, for example, one could send a curl request to a server set up with our project, and the data they sent would come back tokenized. This broadens access to these tokenization services significantly, and removes much of the setup overhead for comforte's clients.

Project presentation

Project demo