Availability on platforms/languages #
Server side #
It is where you can run Acra software that acts like a server (including AcraServer, AcraTranslator, AnyProxy and AcraConnector).
In most cases Linux will be used as a host OS, and we have:
- packages available for commonly used distros
- pre-built images compatible with Docker and most cloud Kubernetes providers like GCP/GKE and AWS/EKS
Alternatively, you can manually build Acra from sources under desired platform.
The server-side Acra components should not run on Windows OS as host OS, consider using any kind of full virtualization, including Docker for Windows.
Even if your infrastructure is Windows-based, you can run the server-side Acra components on a Linux server and connect to them from client-side apps running on Windows machines.
Cloud infrastructure #
Acra is cloud-agnostic. You can deploy Acra from Docker images to any cloud, or VPS, or physical servers.
Client side #
Depending on the planned mode of use, there are three approaches to connecting your application to Acra:
- directly to Acra as a regular SQL client (configure and deploy AcraServer and connect client-side app to it as if it’s SQL database to transparently encrypt, decrypt, (de)tokenise, (de)mask data);
- directly to Acra via HTTP / gRPC API (configure and deploy AcraTranslator and call API requests from client-side app to encrypt, decrypt, (de)tokenize data);
- integrating SDK into your application.
SQL client #
In this mode Acra looks “transparent” to your application in most cases. The only component needed is AcraServer (and optionally AcraConnector).
Continue with Guide: Integrating AcraServer into infrastructure.
API client #
In this mode your application knows that it should call AcraTranslator and send data fields to encrypt, decrypt, tokenise, detokenise.
Continue with Guide: Integrating AcraTranslator into infrastructure.
Another way of encrypting data before storing it in database is encrypting it in the application itself and then putting encrypted data in SQL query before executing it.
In this case you don’t rely on encryption by AcraServer or AcraTranslator and you can store such encrypted data directly in the database. Client-side encryption is useful for building partially or end-to-end encrypted data flows.
This is what AcraWriter does. Right now the following languages are supported:
AcraReader allows decrypting data inside the client-side application. Client-side decryption is useful for building partially or end-to-end encrypted data flows.
SDK for AcraTranslator #
Calling API from the app code requires writing code that performs requests, handles responses, reacts on errors, queue and repeat requests in case the network is unavailable, etc. We did this for you in a special SDK for AcraTranslator.