IWD 2023: Protect sensitive data in pipeline with Tink and Cloud KMS as Envelope Encryption

Burasakorn Sabyeying

Published in

Mils’ Blog

2 min readApr 25, 2023

THIS BLOG CONTAINS SLIDE LINK ! #WTMDareToBe

TLDR;

Here is the slide:

You can go directly to the above link to download the slides

Hello, my name is Burasakorn Sabyeying. You can call me ‘Mils’. Currently, I’m a Data Engineer at CJ Express and Women Techmakers Ambassador in Bangkok.

Last Sunday (April 23, 2023), we organized the biggest event of the year on behalf of Women Techmakers, the International Women Day’s event, which partnered with GDG Cloud Bangkok to celebrate IWD in the DareToBe theme.

One of the sessions we have is the topic “Protect sensitive data in pipeline with Tink and Cloud KMS as Envelope Encryption”

which talks about what is data encryption and how can we apply it to protect sensitive data in the data pipeline as a data engineer. To perform that, we use Tink and Cloud Key Management Service (Cloud KMS) as the client-side encryption or the other name — envelope encryption.

Envelope encryption is the concept of encrypting a key with another key which are

Data Encryption Key (DEK)
Key Encryption Key (KEK)

I also talk about what the data pipeline looks like at CJ Express and the requirement and challenge we get as the data engineer.

So feel free to check this out and download the slides 😀

and follow my FB page for more tech contents:
https://www.facebook.com/milsblog/

Thank you !

IWD 2023: Protect sensitive data in pipeline with Tink and Cloud KMS as Envelope Encryption

TLDR;

Written by Burasakorn Sabyeying