Database Proxy

when running as a database proxy, jumpwire sits between the application and database and proxies the wire connection jumpwire will inspect sql queries that insert or retrieve data, transform column data if necessary, then return the results since jumpwire works with the existing database protocol, only the database connection parameters need to be updated for an application to connect through jumpwire for applications that don’t operate on sensitive data, they can continue to connect to the database directly example in this example, an application is configured to connect to postgresql through jumpwire the "last name" and "username" fields are both labeled as pii a policies docid\ xepswd3fg htpks0zn7pn is configured to automatically encrypt any fields that are labeled as pii only connections classified as confidential are allowed to retrieve the decrypted values when our application connects without any classification, it gets back valid data for most fields but encrypted versions of the pii fields updating the connection in the databases docid\ rx fnn4aau9eafcbjvsq settings to have a confidential classification allows the decrypted data to be retrieved after updating the classification, new queries will immediately return decrypted data without any application updates the same behavior can be seen when connecting directly to the database instead of connecting to jumpwire with an allowed classification attempting to bypass jumpwire will only allow the client to retrieve the data from postgresql in its encrypted format