ACRA 0.82.0 RELEASE

Summer moves on, Acra improves. This corridor of eclipses and Mercury retrograde gave life to the new version of Acra. Whole lotta updates to the already existing infrastructural elements. What else is new? AcraTranslator, for that matter — a lightweight server that receives AcraStructs stored anywhere and returns the decrypted data.

Previously Acra was closely tied to the database infrastructure, but AcraTranslator is a tool that allows storing AcraStructs wherever it is convenient — as cells in a database or as files in a file storage (local or cloud storage, like AWS S3). AcraTranslator doesn’t care about the source of the data, it accepts AcraStructs via HTTP or gRPC API. An application sends AcraStructs as binary data and receives plaintext from AcraTranslator.

We’ve improved AcraCensor's performance and SQL filtering by adding pattern matching: now you can blacklist or whitelist queries that match particular patterns, like SELECT %%COLUMN%% FROM company %%WHERE%%. Patterns provide more flexibility for blocking or allowing queries.

We constantly improve AcraCensor to make it useful for requests and preventing the SQL injections.

This is the last time we’re updating the documentation in the Acra GitHub repository Wiki. For your convenience and improved usability, from now on all the recent information, docs, tutorials, and live demos (yeah, stay tuned!) will be accessible through the Documentation Server. It’s still in a (very functional) beta, but don’t let some minor glitches discourage you — better report them and we might have a nice surprise for you ;).

Here are a few of other improvements in Acra 0.82.0:

Core

  • Updated AcraConnector to support connections with AcraTranslator (#206).

  • Improved logging (#242) (#214). AcraServer and AcraCensor cann’t leak sensitive query while logging the content (#216, #211).

  • Poison record detection for AcraServer and AcraTranslator can now be turned on and off (#240, #230, #215) (#232).

  • Improved key management (#202) and added configurable LRU cache for the in-memory keys for AcraServer and AcraTranslator (#219).

  • Added iOS/Objective-C AcraWriter library as CocoaPod, added examples and tests.

  • Improved handling of insert query parameter to simplify using AcraRollback from bash (#210).

  • And many more.

Infrastructure

  • Supporting Go version below 1.8 now (this will only affect the users who build Acra manually from sources).

  • Added AcraTranslator as pre-built binary and docker container (#222).

  • Added AcraTranslator and AcraConnector docker-compose files (#225).

  • Added AcraRollback and AcraPoisonRecordMaker as ready-to-use tools inside AcraTranslator and AcraServer Docker containers (#236).

Documentation

For all the details about the new release, see the new changelog.

Copyright © 2014-2018 Cossack Labs Limited
Cossack Labs is a privately-held British company with a team of data security experts based in Kyiv, Ukraine.