Encryption as a Service using Vault with Spring Boot

Database columns can be encrypted multiple ways. Most of the databases have built-in support to encrypt the values. For example, in Postgres we can use the function pgp_sym_encrypt and pgp_sym_decrypt. It has some disadvantages like every read/write operation will have some operation overhead and slow down the DB servers. Most of the database providers give an option to encrypt the values. Moreover, keys used for the encryption should be properly managed. And it is complicated to do within the realms of the database servers. In a distributed system, the computing costs should be kept minimal and databases have a very high i/o. And cryptographic functions use a big chunk of resources and it is a well-known fact. Most of the industries have regulatory requirements and protect sensitive data in an effective way. Finally, a common concern for engineers and security teams alike is to protect the data in transit and avoid eavesdropping. Encryption as a Service (EaaS) solves this problem and Hashicorp’s Vault has a transit engine which takes out the burden of encrypting the data in transit. Vault is already a default key management and secret management solution in most of the organizations and has been integration with popular

Continue reading

Distributed Tracing using Zipkin and Spring Cloud Sleuth

There is a growing trend in organizations to solve everything with Microservices. For a lot of modern-day applications still, a single node monolith is enough and a better choice. Microservices are not a silver bullet which will solve all our technical problems. It comes with its own baggage which has to be taken into consideration and is neatly explained by Martin Fowler here. Increased operational complexity in using Microservices is certainly an area of concern but it is a solvable problem. In order to handle the operational complexity one of the major concern while doing microservices, we need to get more insights about services, the time taken to complete a request, how they communicate with each other and so on. Importance of tracing in distributed systems have produced a lot of thought process among the development teams and Google’s Dapper paper has influenced one such amazing tracing library called Zipkin. Zipkin library has support for most of the widely used programming languages and is one of the most actively contributed open source projects. I happened to meet Adrian Cole one of the Zipkin’s core contributor who has shed more light on the importance of the tracing even though I have

Continue reading