SlideShare a Scribd company logo

Pgp security mule

Download as PPTX, PDF
S
Sindhu VL

This document discusses how to configure Pretty Good Privacy (PGP) security on Mule connectors. PGP provides encryption and authentication for data communication. Key elements needed for PGP include a security manager, key manager, and credential accessor. The security manager holds encryption strategy and key rings. The key manager reads the key rings and requires configuration of public/secret rings, alias ID, and passphrase. The credential accessor determines the key ID to use for encryption/decryption based on message contents. Examples show configuring these elements and using encrypt/decrypt transformers.

Design
1 of 15
Downloaded 12 times
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
P R E S E N T E D B Y S I N D H U V L PGP Security - Mule
 Pretty Good Privacy (PGP) is a data encryption and decryption computer program that provides cryptographic privacy and authentication for data communication.  This extension adds PGP security on connector communication. With PGP you can achieve end-to- end security communication with signed and encrypted messages between parties.
Encrypting and Decrypting :  To encrypt and decrypt messages you need to configure the following elements:  A security manager: responsible of holding a security provider, which contains the key rings, and the encryption strategy to be used. This allows for the encryption of all messages using the same key or to facilitate the use of different key rings.  A key manager: which is responsible for reading the key rings.  A credential accessor: which determines the key ring and key manager to be used to encrypt/decrypt the message being processed.
A full example is shown below:
 The pgpKeyManager (in the spring:beans tag) is the one responsible for reading the rings. You have to set all the parameters: public and secret rings, the alias id (the long value in the ring) and the secret passphrase. In the same section, you can see the credentials accessor which needs to implement the CredentialsAccessor interface basically returning the key id based on the message (MuleEvent). Finally thepgp:security-managerglues both beans.  You are ready to encrypt and decrypt messages in your flows. The following two flows show how to use the encrypt-transformer and decrypt-transformer to encrypt and decrypt files.
Pgp security mule
Configuring the Security Manager : Configuring the Key Manager :  To configure the Security Manager you need to reference your key manager and your encryption strategy. The Key manager is simple a reference to your key manager ring.  To configure your key manager you have to create a spring bean as shown before. You will need to set the public and secret ring files, the alias id and the secret passphrase. As Mule uses the bouncy castle library to encrypt/decrypt messages we recommend to obtain the alias id (as a long value) using this library. If Mule does not find your id in the ring it will throw an exception and it will list all the available ids in your ring.
Configuring a Credential Accessor :  To configure your credential accessor you need to define a class which determines your key id. For instance the following class (used in the example) returns always the same fixed string thus all the messages will be encrypted/decrypted using the same key id. If you need to use different key ids then return different strings according to the MuleEvent received as a parameter.
public class FakeCredentialAccessor implements CredentialsAccessor { private String credentials = "John Smith (TestingKey) <john.smith@somecompany.com>"; public FakeCredentialAccessor(){ } public FakeCredentialAccessor(String string){ this.credentials = string; } public String getCredentials(){ return credentials; } public void setCredentials(String credentials){ this.credentials = credentials; } public Object getCredentials(MuleEvent event){ return this.credentials; } public void setCredentials(MuleEvent event, Object credentials){ // dummy } }
Configuration Reference :  PGP Module  This extension adds PGP security on endpoint communication. With PGP you can achieve end-to- end security communication with signed and encrypted messages between parties. == Security manager === Attributes of <security-manager…> Name Type Requir ed Default Descrip tion
Child Elements of <security-manager…> : Name Cardinality Description security-provider 0..1 Security provider for PGP-related functionality. keybased-encryption- strategy 0..1 The key-based PGP encryption strategy to use.
Security provider :  Security provider for PGP-related functionality. === Attributes of <security-provider…> Name Type Required Default Descripti on keyManage r-ref string yes Reference to the key manager to use.
Child Elements of <security-provider…> : Name Cardinality Description Keybased encryption strategy •The key-based PGP encryption strategy to use. === Attributes of <keybased-encryption- strategy…>  table is as follows :
Name Type Required Default Description keyManager- ref string yes Reference to the key manager to use. credentialsAc cessor-ref string no Reference to the credentials accessor to use. checkKeyExp irity boolean no Check key expiration.
Thank You!!!!!!!!!

More Related Content

PPT
Mule security pgp with Example
D.Rajesh Kumar
 
PPT
Mule security - pgp
charan teja R
 
PPT
Mule security - pgp
himajareddys
 
PPTX
Using pgp with mule
Anil Kumar V
 
PPTX
Encrption in mule
Sindhu VL
 
PPT
Secure Sockets Layer and Transport Layer Security
Al Mamun
 
PPTX
Transport layer security (tls)
Kalpesh Kalekar
 
PPTX
Dprn3 u3 a1_ocov
Nicolay Stojakovic
 
Mule security pgp with Example
D.Rajesh Kumar
 
Mule security - pgp
charan teja R
 
Mule security - pgp
himajareddys
 
Using pgp with mule
Anil Kumar V
 
Encrption in mule
Sindhu VL
 
Secure Sockets Layer and Transport Layer Security
Al Mamun
 
Transport layer security (tls)
Kalpesh Kalekar
 
Dprn3 u3 a1_ocov
Nicolay Stojakovic
 

What's hot (20)

PPTX
Cryptology for security
Manish Kumar
 
PPTX
Cassandra
rezabehzadi3
 
PDF
Transport Layer Security - Mrinal Wadhwa
Mrinal Wadhwa
 
PDF
Web security at Meteor (Pivotal Labs)
Emily Stark
 
PPTX
TLS - Transport Layer Security
ByronKimani
 
PPT
ssl
sjyuva
 
PPTX
Ssl in a nutshell
Frank Kelly
 
PPTX
Introduction to SSL and How to Exploit & Secure
Brian Ritchie
 
PPTX
Transport layer security
Hrudya Balachandran
 
PPTX
SSL overview
Todd Benson (I.T. SPECIALIST and I.T. SECURITY)
 
DOCX
key-aggregate cryptosystem for scalable data sharing in cloud storage
swathi78
 
PPT
Sniffing SSL Traffic
dkaya
 
PDF
SSL Secure socket layer
Ahmed Elnaggar
 
PPT
SSL
theekuchi
 
PPT
SSL
Duy Do Phan
 
PPTX
Introduction to SSL/TLS
keithrozario
 
PDF
Basics of ssl
n|u - The Open Security Community
 
PPTX
Securing TCP connections using SSL
Sagar Mali
 
PPTX
WS - SecurityPolicy
Prabath Siriwardena
 
PPTX
All you need to know about transport layer security
Maarten Smeets
 
Cryptology for security
Manish Kumar
 
Cassandra
rezabehzadi3
 
Transport Layer Security - Mrinal Wadhwa
Mrinal Wadhwa
 
Web security at Meteor (Pivotal Labs)
Emily Stark
 
TLS - Transport Layer Security
ByronKimani
 
ssl
sjyuva
 
Ssl in a nutshell
Frank Kelly
 
Introduction to SSL and How to Exploit & Secure
Brian Ritchie
 
Transport layer security
Hrudya Balachandran
 
SSL overview
Todd Benson (I.T. SPECIALIST and I.T. SECURITY)
 
key-aggregate cryptosystem for scalable data sharing in cloud storage
swathi78
 
Sniffing SSL Traffic
dkaya
 
SSL Secure socket layer
Ahmed Elnaggar
 
SSL
theekuchi
 
SSL
Duy Do Phan
 
Introduction to SSL/TLS
keithrozario
 
Basics of ssl
n|u - The Open Security Community
 
Securing TCP connections using SSL
Sagar Mali
 
WS - SecurityPolicy
Prabath Siriwardena
 
All you need to know about transport layer security
Maarten Smeets
 
Ad

Viewers also liked (20)

PDF
Email Security Overview
- Mark - Fullbright
 
PPTX
S/MIME & E-mail Security (Network Security)
Prafull Johri
 
PPTX
Handson 1 (5/6)
Roberta Cuel
 
PPS
Pgp
Nilanjan Danda
 
PPT
Pretty good privacy
Alex Adipati
 
PDF
PGP based social network
José Moreira
 
PPTX
E mail security
Soumya Vijoy
 
PDF
Gnu Privacy Guard - Intro
O. R. Kumaran
 
PPTX
Using pgp with mule
Anil Kumar V
 
PDF
PGP and Enigmail
Tania Silva
 
PPTX
"Pretty Good Privacy": smuggling in the "Information Age"
Federico Costantini
 
PPT
Networksecurity&cryptography
Presentaionslive.blogspot.com
 
PPTX
Presentation1 new (1) (1)cf
toamma
 
PPT
Network Security Tools and applications
webhostingguy
 
PPTX
E securty
Yıldırım Tam
 
PPTX
Contaminacion del aire y de las aguas
Jorge Salazar
 
PDF
Basic Network Security_Primer
n|u - The Open Security Community
 
PPTX
Party pronto pres new
Steven Montgomery
 
PDF
Symantec Brightmail Gateway 9
Symantec
 
PDF
DataMotion-IG1-TheEvolutionofEncryption
Clint Walker
 
Email Security Overview
- Mark - Fullbright
 
S/MIME & E-mail Security (Network Security)
Prafull Johri
 
Handson 1 (5/6)
Roberta Cuel
 
Pgp
Nilanjan Danda
 
Pretty good privacy
Alex Adipati
 
PGP based social network
José Moreira
 
E mail security
Soumya Vijoy
 
Gnu Privacy Guard - Intro
O. R. Kumaran
 
Using pgp with mule
Anil Kumar V
 
PGP and Enigmail
Tania Silva
 
"Pretty Good Privacy": smuggling in the "Information Age"
Federico Costantini
 
Networksecurity&cryptography
Presentaionslive.blogspot.com
 
Presentation1 new (1) (1)cf
toamma
 
Network Security Tools and applications
webhostingguy
 
E securty
Yıldırım Tam
 
Contaminacion del aire y de las aguas
Jorge Salazar
 
Basic Network Security_Primer
n|u - The Open Security Community
 
Party pronto pres new
Steven Montgomery
 
Symantec Brightmail Gateway 9
Symantec
 
DataMotion-IG1-TheEvolutionofEncryption
Clint Walker
 
Ad

Similar to Pgp security mule (20)

PPT
Mule security - pgp
vishnukanthro45
 
PDF
PGP Encryption And Decryption With Mule ESB
Jitendra Bafna
 
PPTX
Ahmadabad mule soft_meetup_17april2021_mule4_cryptography
Shekh Muenuddeen
 
PPTX
Mulesoft Meetup Cryptography Module
ManjuKumara GH
 
PPT
PGP S/MIME
Sou Jana
 
PPTX
Mulesoft encryption
Jagruti Sakhare
 
PPTX
CryptoGraphy Module in Mulesoft
shyamraj55
 
PPT
Pgp
Reham Maher El-Safarini
 
PPTX
module 4_7th sem_ Electronic Mail Security.pptx
prateekPallav2
 
PDF
Email Security Pretty Good Privacy (PGP),Services Provided by PGP.pdf
aryalmadhave123
 
PPTX
Email sec11
Athira Asakumar
 
PPT
Pgp smime
Tania Agni
 
PPTX
Pretty good privacy
Punnya Babu
 
PDF
Network security cs9 10
Infinity Tech Solutions
 
PDF
unit4_securitypractice(oncase study).ppt
fbshah
 
PPT
Lecture 8 mail security
rajakhurram
 
PPT
Email2
Sushant Sharma
 
PPT
email.ppt
KaivanParikh
 
DOCX
Pgp
Abhishek Kesharwani
 
PPTX
CRYPTOGRAPHY AND NETWORK SECURITY- E-Mail Security
Jyothishmathi Institute of Technology and Science Karimnagar
 
Mule security - pgp
vishnukanthro45
 
PGP Encryption And Decryption With Mule ESB
Jitendra Bafna
 
Ahmadabad mule soft_meetup_17april2021_mule4_cryptography
Shekh Muenuddeen
 
Mulesoft Meetup Cryptography Module
ManjuKumara GH
 
PGP S/MIME
Sou Jana
 
Mulesoft encryption
Jagruti Sakhare
 
CryptoGraphy Module in Mulesoft
shyamraj55
 
Pgp
Reham Maher El-Safarini
 
module 4_7th sem_ Electronic Mail Security.pptx
prateekPallav2
 
Email Security Pretty Good Privacy (PGP),Services Provided by PGP.pdf
aryalmadhave123
 
Email sec11
Athira Asakumar
 
Pgp smime
Tania Agni
 
Pretty good privacy
Punnya Babu
 
Network security cs9 10
Infinity Tech Solutions
 
unit4_securitypractice(oncase study).ppt
fbshah
 
Lecture 8 mail security
rajakhurram
 
Email2
Sushant Sharma
 
email.ppt
KaivanParikh
 
Pgp
Abhishek Kesharwani
 
CRYPTOGRAPHY AND NETWORK SECURITY- E-Mail Security
Jyothishmathi Institute of Technology and Science Karimnagar
 

More from Sindhu VL (20)

PPTX
Mule - error handling
Sindhu VL
 
PPTX
Mule - beginners guide
Sindhu VL
 
PPTX
Core concepts - mule
Sindhu VL
 
PPTX
Error handling with respect to mule
Sindhu VL
 
PPTX
Core concepts in mule
Sindhu VL
 
PPTX
Basics of mule for beginners
Sindhu VL
 
PPTX
Mule testing
Sindhu VL
 
PPTX
Mule securing
Sindhu VL
 
PPTX
Mule debugging
Sindhu VL
 
PPTX
Service orchestration by using flows
Sindhu VL
 
PPTX
Configuration patterns in mule
Sindhu VL
 
PPTX
Bindings of components in mule
Sindhu VL
 
PPTX
Using maven with mule
Sindhu VL
 
PPTX
Using mule configuration patterns
Sindhu VL
 
PPTX
Using flows for service orchestration
Sindhu VL
 
PPTX
Component bindings in mule
Sindhu VL
 
PPTX
Mule requestor component
Sindhu VL
 
PPTX
Concepts in mule
Sindhu VL
 
PPTX
Enterprise service bus mule
Sindhu VL
 
PPTX
Mule errors
Sindhu VL
 
Mule - error handling
Sindhu VL
 
Mule - beginners guide
Sindhu VL
 
Core concepts - mule
Sindhu VL
 
Error handling with respect to mule
Sindhu VL
 
Core concepts in mule
Sindhu VL
 
Basics of mule for beginners
Sindhu VL
 
Mule testing
Sindhu VL
 
Mule securing
Sindhu VL
 
Mule debugging
Sindhu VL
 
Service orchestration by using flows
Sindhu VL
 
Configuration patterns in mule
Sindhu VL
 
Bindings of components in mule
Sindhu VL
 
Using maven with mule
Sindhu VL
 
Using mule configuration patterns
Sindhu VL
 
Using flows for service orchestration
Sindhu VL
 
Component bindings in mule
Sindhu VL
 
Mule requestor component
Sindhu VL
 
Concepts in mule
Sindhu VL
 
Enterprise service bus mule
Sindhu VL
 
Mule errors
Sindhu VL
 

Recently uploaded (20)

PDF
Urban Design Final Project-Site Analysis
nicolebrog1
 
PPT
WHY_R12 Uaafafafpgradeaffafafafaffff.ppt
VijayalakshmiGanesh3
 
PPTX
rapid fire quiz in your house is your india.pptx
rishikjjwala
 
PPTX
ANATOMY OF ANTERIOR CHAMBER ANGLE AND GONIOSCOPY.pptx
SauravAggarwal12
 
PPTX
HPE Aruba-master-icon-library_052722.pptx
ManalWong
 
PDF
Key Trends in Website Development 2025 | B3AITS - Bow & 3 Arrows IT Solutions
B3AITS - Bow & 3 Arrows IT Solutions
 
PDF
The Advantages of Working With a Design-Build Studio
Douglah Designs
 
PDF
Trusted Executive Protection Services in Ontario — Discreet & Professional.pdf
secureshields25
 
PPT
pump pump is a mechanism that is used to transfer a liquid from one place to ...
gunjankolhezn
 
PPTX
AC-Unit1.pptx CRYPTOGRAPHIC NNNNFOR ALL
prabujayant2022
 
PPTX
Implications Existing phase plan and its feasibility.pptx
SamuelJohnson540488
 
PDF
Quality Control Management for RMG, Level- 4, Certificate
Mohammad Anamul Haque Nayan
 
PPTX
building Planning Overview for step wise design.pptx
SamuelJohnson540488
 
PPTX
DOC-20250430-WA0014._20250714_235747_0000.pptx
gameon41
 
PPTX
Complete Guide to Microsoft PowerPoint 2019 – Features, Tools, and Tips"
asmathmohamed2004
 
PDF
Phone away, tabs closed: No multitasking
NaziaNowrin2
 
PPTX
CLASS_11_BUSINESS_STUDIES_PPT_CHAPTER_1_Business_Trade_Commerce.pptx
PRITTHAKKAR7
 
PPTX
mahatma gandhi bus terminal in india Case Study.pptx
rubaiyaakhterinbox
 
PDF
Emailing DDDX-MBCaEiB.pdf DDD_Europe_2022_Intro_to_Context_Mapping_pdf-165590...
PrathikT1
 
PPTX
Tenders & Contracts Works _ Services Afzal.pptx
navilasatheesh
 
Urban Design Final Project-Site Analysis
nicolebrog1
 
WHY_R12 Uaafafafpgradeaffafafafaffff.ppt
VijayalakshmiGanesh3
 
rapid fire quiz in your house is your india.pptx
rishikjjwala
 
ANATOMY OF ANTERIOR CHAMBER ANGLE AND GONIOSCOPY.pptx
SauravAggarwal12
 
HPE Aruba-master-icon-library_052722.pptx
ManalWong
 
Key Trends in Website Development 2025 | B3AITS - Bow & 3 Arrows IT Solutions
B3AITS - Bow & 3 Arrows IT Solutions
 
The Advantages of Working With a Design-Build Studio
Douglah Designs
 
Trusted Executive Protection Services in Ontario — Discreet & Professional.pdf
secureshields25
 
pump pump is a mechanism that is used to transfer a liquid from one place to ...
gunjankolhezn
 
AC-Unit1.pptx CRYPTOGRAPHIC NNNNFOR ALL
prabujayant2022
 
Implications Existing phase plan and its feasibility.pptx
SamuelJohnson540488
 
Quality Control Management for RMG, Level- 4, Certificate
Mohammad Anamul Haque Nayan
 
building Planning Overview for step wise design.pptx
SamuelJohnson540488
 
DOC-20250430-WA0014._20250714_235747_0000.pptx
gameon41
 
Complete Guide to Microsoft PowerPoint 2019 – Features, Tools, and Tips"
asmathmohamed2004
 
Phone away, tabs closed: No multitasking
NaziaNowrin2
 
CLASS_11_BUSINESS_STUDIES_PPT_CHAPTER_1_Business_Trade_Commerce.pptx
PRITTHAKKAR7
 
mahatma gandhi bus terminal in india Case Study.pptx
rubaiyaakhterinbox
 
Emailing DDDX-MBCaEiB.pdf DDD_Europe_2022_Intro_to_Context_Mapping_pdf-165590...
PrathikT1
 
Tenders & Contracts Works _ Services Afzal.pptx
navilasatheesh
 

Pgp security mule

  • 1. P R E S E N T E D B Y S I N D H U V L PGP Security - Mule
  • 2.  Pretty Good Privacy (PGP) is a data encryption and decryption computer program that provides cryptographic privacy and authentication for data communication.  This extension adds PGP security on connector communication. With PGP you can achieve end-to- end security communication with signed and encrypted messages between parties.
  • 3. Encrypting and Decrypting :  To encrypt and decrypt messages you need to configure the following elements:  A security manager: responsible of holding a security provider, which contains the key rings, and the encryption strategy to be used. This allows for the encryption of all messages using the same key or to facilitate the use of different key rings.  A key manager: which is responsible for reading the key rings.  A credential accessor: which determines the key ring and key manager to be used to encrypt/decrypt the message being processed.
  • 4. A full example is shown below:
  • 5.  The pgpKeyManager (in the spring:beans tag) is the one responsible for reading the rings. You have to set all the parameters: public and secret rings, the alias id (the long value in the ring) and the secret passphrase. In the same section, you can see the credentials accessor which needs to implement the CredentialsAccessor interface basically returning the key id based on the message (MuleEvent). Finally thepgp:security-managerglues both beans.  You are ready to encrypt and decrypt messages in your flows. The following two flows show how to use the encrypt-transformer and decrypt-transformer to encrypt and decrypt files.
  • 7. Configuring the Security Manager : Configuring the Key Manager :  To configure the Security Manager you need to reference your key manager and your encryption strategy. The Key manager is simple a reference to your key manager ring.  To configure your key manager you have to create a spring bean as shown before. You will need to set the public and secret ring files, the alias id and the secret passphrase. As Mule uses the bouncy castle library to encrypt/decrypt messages we recommend to obtain the alias id (as a long value) using this library. If Mule does not find your id in the ring it will throw an exception and it will list all the available ids in your ring.
  • 8. Configuring a Credential Accessor :  To configure your credential accessor you need to define a class which determines your key id. For instance the following class (used in the example) returns always the same fixed string thus all the messages will be encrypted/decrypted using the same key id. If you need to use different key ids then return different strings according to the MuleEvent received as a parameter.
  • 9. public class FakeCredentialAccessor implements CredentialsAccessor { private String credentials = "John Smith (TestingKey) <john.smith@somecompany.com>"; public FakeCredentialAccessor(){ } public FakeCredentialAccessor(String string){ this.credentials = string; } public String getCredentials(){ return credentials; } public void setCredentials(String credentials){ this.credentials = credentials; } public Object getCredentials(MuleEvent event){ return this.credentials; } public void setCredentials(MuleEvent event, Object credentials){ // dummy } }
  • 10. Configuration Reference :  PGP Module  This extension adds PGP security on endpoint communication. With PGP you can achieve end-to- end security communication with signed and encrypted messages between parties. == Security manager === Attributes of <security-manager…> Name Type Requir ed Default Descrip tion
  • 11. Child Elements of <security-manager…> : Name Cardinality Description security-provider 0..1 Security provider for PGP-related functionality. keybased-encryption- strategy 0..1 The key-based PGP encryption strategy to use.
  • 12. Security provider :  Security provider for PGP-related functionality. === Attributes of <security-provider…> Name Type Required Default Descripti on keyManage r-ref string yes Reference to the key manager to use.
  • 13. Child Elements of <security-provider…> : Name Cardinality Description Keybased encryption strategy •The key-based PGP encryption strategy to use. === Attributes of <keybased-encryption- strategy…>  table is as follows :
  • 14. Name Type Required Default Description keyManager- ref string yes Reference to the key manager to use. credentialsAc cessor-ref string no Reference to the credentials accessor to use. checkKeyExp irity boolean no Check key expiration.