What is Machina?
Machina is a dynamic authorization engine with key management and other services that enable developers to add high-value data security to their applications with just a few lines of code. Based on ABAC (Attribute Based Access Policy), Machina combines attributes with keys to make and enforce policy decisions to allow or deny a request. This enables dynamic authorization for data access and other resources based on user, device, service, environment, and data attributes. With no background in cryptography, you can quickly and confidently add data protection and management to your application. Machina allows you to:
- Secure data in transit or at rest with minimal changes to application code.
- Control access to secured data across all of your applications in real time using a consistent policy framework.
- Optionally encrypt data using AES-256 CTR or GCM
- Get visibility into all successful and unsuccessful requests to access data, including the full context (requesting user, device, location, application, date and time of day, etc.)
Getting to Know Machina
Machina provides a highly scalable architecture for protecting and managing access to sensitive data. The platform consists of four API collections that a developer should understand when writing a Machina application:
- Key Management: create and request symmetric keys for the protection of sensitive data (Machina currently supports AES-256 CTR or GCM symmetric encryption by default)
- Data Markings: create and modify attributes for policy comparison
- User & Policy Management: maintaining users, groups and data access policies through SCIM and XACML compliant protocols
- Analytics: access to detailed logs about the creation and consumption of Machina-protected data
Using RESTful APIs and SDKs in Machina Tools, developers can easily add data security capabilities to applications that run on Windows, macOS, Linux, iOS, and Android devices using a variety of common programming languages.