Zelar

Custom plugin development with an emphasis on RSA/HMAC encryption

By Venkata Reddy Bhavanam
Author LinkedIn: https://www.linkedin.com/in/venkatareddybhavanam/

Role of Zelar:

Zelar developed a custom Kong plugin to enhance the client's security. The plugin integrated RSA encryption for robust data integrity and authentication and was adapted to support the client's unique signing string format. By modifying the open-source plugin code, Zelar seamlessly integrated the solution into the client's ecosystem, meeting their specific security requirements without disrupting ongoing operations.

About client:

The client, a leading digital bank in Indonesia, manages vast data critical to its operations, requiring intricate transformations across digital platforms. This process was time-consuming and prone to errors. By leveraging advanced technology and a customer-centric approach, the bank enhances its services, ensuring efficient and secure financial solutions while driving digital transformation in the Indonesian banking industry.

Problem Statement:

  • Need for Enhanced Security: The customer needed a solution that covered not only the current capabilities of Kong’s HMAC plugin but also RSA encryption. This was mandatory to fulfil their particular security requirements, which use asymmetric encryption methods.

  • Custom Signing String Format: The HMAC plugin could not support the customer's unique signing string format, which uses a different separator and specific attributes that are vital to the company's security processes.

Solution Provided:

Custom Plugin Development:

  • RSA Encryption Implementation: A custom plugin was created to include RSA encryption, providing secure and verifiable data integrity and authentication through a public/private key mechanism.

  • Adaptation to Custom Signing Formats: The custom plugin was tailored to fit the client's unique signing string format, including specific separators and attributes. It was customized to be compatible with the client's security infrastructure and protocols.

Implementation:

The solution was to modify the open-source plugin code from Kong’s GitHub repository to incorporate the required features. This method was effective: it reused already available resources, and the integration with Kong’s ecosystem was smooth.

Outcome:

The custom plugin has successfully met the client’s specific security requirements, allowing them to maintain a high level of data security and integrity across their applications. The feedback showed that the solution worked perfectly and did not interfere with existing activities.

For more information: https://zelarsoft.com/
