Machina allows any developer to add data trust services to their application with a few lines of code that provide a consistent approach to data visibility, control, and protection.
With our latest SDK release (v 1.4), we continue to add more flexibility to enable developers to apply the right security posture across structured or unstructured data and the context of their application.
Some of the more exciting enhancements in this release give a developer far more control over key management and applying context-based data protection. These features extend the core value proposition of using Ionic Machina to uniformly enforce contextual data security policies no matter the repository based on user, device, time, network, location — and ultimately data.
Machina Tools allows developers to associate a set of attributes with a key at the time of creation. Until recently, these attributes were fixed at the time of key creation — any change to a given attribute, like associating a different classification with some protected data — required the creation of a new key. It is now possible to define two sets of attributes when creating a key: a set of fixed attributes as before and a second set of “mutable” attributes that can be modified by subsequent “update key” requests – based on Machina’s powerful attribute-based access-control (ABAC) policy engine. This feature is now accessible from all supported languages.
Support for External Identifiers
It is now possible to associate external identifiers with keys, and to request keys based on their previously associated external identifiers (in addition to or instead of the key tags). These associations can be made at creation time via the ‘ionic-external-id’ attribute.
Additional details are available here.
“Shared Secret” Persistors
Machina Tools — SDK now supports a new interface for profile storage, SecretShareData (in addition to the many methods supported already). Implementations of this interface are used to generate a cryptography key from data supplied by the implementation. This feature allows the information in a “secure enrollment profile” to be encrypted using information gleaned from the computing environment. By associating characteristics specific to a given environment, applications can be launched and configured without relying on manual or explicit parameter-based authentication.
These are some of the enhancements to Machina Tools in the latest release that benefit all users of the engine. Learn more about the types of solutions our customers and partners are building with Machina.
Machina Tools — SDK , v. 1.4, allows application developers to leverage the power of the engine from a variety of programming languages including C++, C, Objective-C, C#, Java, and Python. Get started using the SDK at ionic.com/developers.