Implemented secure sensitive data storage using HashiCorp Vault.
The project requirements included the ability to securely store highly sensitive information, such as bank account numbers and Social Security Numbers, from multiple apps: a legacy application as well as a greenfield app in a different programming language.
Using the ORM/persistence layers in both applications, I implemented a system that would transparently tokenize specific fields. On writes, a random token would be stored in the database while the real, sensitive value was stored in HashiCorp Vault. On reads, the token would be read from the HashiCorp Vault and the real value provided to in-memory objects. This process was transparent to the end user and successfully encrypted sensitive data from both applications.
Technologies used in this feature included Java, Spring Boot, Ruby on Rails, Ember.js, Postgres, and HashiCorp Vault.
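The write/read flow described above, as an added Ruby example that is not the project's own code. `InMemoryVault`, `Tokenized`, `tokenized_field`, `Account`, the `row` hash and the `tokens/<field>/<token>` path layout are all hypothetical names; the in-memory store stands in for a real Vault client.

```ruby
require "securerandom"

# Stand-in for the secret store (assumption: a real deployment would call
# Vault over TLS with an authenticated, least-privilege client).
class InMemoryVault
  def initialize
    @secrets = {}
  end

  def write(path, value)
    @secrets[path] = value
  end

  def read(path)
    # Fail closed: an unknown token is an error, never an empty value.
    @secrets.fetch(path) { raise KeyError, "no secret at #{path}" }
  end
end

# Hypothetical persistence-layer macro; `row` plays the database row.
module Tokenized
  def tokenized_field(name, vault:, prefix: "tokens")
    define_method("#{name}=") do |plaintext|
      # The token is random, not derived from the value, so it leaks nothing.
      token = plaintext.nil? ? nil : SecureRandom.uuid
      vault.write("#{prefix}/#{name}/#{token}", plaintext) if token
      row["#{name}_token"] = token # only the token reaches the database
    end

    define_method(name) do
      token = row["#{name}_token"]
      token && vault.read("#{prefix}/#{name}/#{token}")
    end
  end
end

VAULT = InMemoryVault.new

class Account
  extend Tokenized
  attr_reader :row

  def initialize(row = {})
    @row = row
  end

  tokenized_field :ssn, vault: VAULT
end
```

Callers use `account.ssn` and `account.ssn = ...` as ordinary attributes, while a dump of the database row exposes only `ssn_token`.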