Vaults
Personal Encryption Keys
The use of Personal Encryption Keys in Cortex is a cornerstone of the platform's security. These keys play a vital role in decrypting your sensitive information, adhering to a "decrypt-and-forget" methodology. It's vital to safeguard these keys, as losing them means there's no way to retrieve your encrypted data.
Personal Encryption Keys are crucial for decrypting your sensitive information.
Cortex employs a "decrypt-and-forget" methodology, making the safekeeping of these keys imperative.
Remember, if you lose your Personal Encryption Key, there is no way to recover the encrypted information.
Runner-level and Application-level Vaults
Runner-level Vaults
Runner-level Vaults are designed to encrypt critical credentials like JVM Truststore and Keystore Passwords, as well as HTTP(S) connection details. You have the choice between using a dedicated Runner-level Vault for these credentials or opting for the default credentials Cortex generates. However, bear in mind that modifying these credentials after creating Runners can lead to downtime in your Applications due to the necessity of stopping the Runner.
Functionality: Encrypt credentials like JVM Truststore and Keystore Passwords, and HTTP(S) connection usernames and passwords.
Setup Option: Choose between setting up a Runner-level Vault or using default credentials generated by Cortex.
Note on Changes: Changing credentials post-creation can cause downtime in Applications due to the need to stop the Runner.
Application-level Vaults
On the other hand, Application-level Vaults focus on encrypting sensitive application information. This is achieved using a key-value pair methodology, where you define keys as identifiers or reminders for the actual sensitive data contained in the values. This approach ensures both security and ease of data retrieval when needed.
Purpose: Encrypt sensitive application information like URLs and passwords.
Method: Cortex uses a key-value pair methodology.
Keys: Serve as identifiers or reminders of the sensitive information.
Values: Contain the actual encrypted data.
Encryption Algorithms
Cortex provides robust encryption using the Advanced Encryption Standard (AES) with variants like AES-128, AES-192, and AES-256. Each variant is matched with Personal Encryption Keys of different lengths – 16, 24, and 32 characters, respectively, offering a range of security levels to suit your needs. These algorithms are at the forefront of modern encryption technology, ensuring your data is securely encrypted within Cortex.
Cortex employs the Advanced Encryption Standard (AES) for encryption.
Available Variants:
AES-128: Utilizes a 16-character Personal Encryption Key.
AES-192: Employs a 24-character Personal Encryption Key.
AES-256: Uses a 32-character Personal Encryption Key.
The "Vaults" page in Cortex is a powerful tool for maintaining the security and integrity of your sensitive data. By understanding and effectively utilizing the features of Runner-level and Application-level Vaults, along with the robust encryption algorithms available, you can ensure the highest level of security for your data within Cortex. Always remember the critical importance of securely managing your Personal Encryption Keys, as they are the cornerstone of your data's security in the Cortex environment.
Last updated