What is OneDB?

OneDB is a secure database gateway designed to protect sensitive data directly at the database layer.

It sits between applications, users, APIs, and databases to help apply data protection, masking, access control, and activity visibility without requiring major changes to existing applications.

OneDB helps organizations reduce sensitive data exposure while maintaining operational control over database access.

Why OneDB?

Sensitive data is often accessed through applications, database tools, reporting systems, support activities, and internal operations.

In many environments, organizations have limited visibility into what data is being accessed, who is accessing it, and whether sensitive information is properly protected.

OneDB helps address this by placing a secure control layer between clients and databases.

With OneDB, organizations can:

• Protect sensitive data before it reaches unauthorized users
• Apply masking and protection policies consistently
• Monitor SQL activity passing through the gateway
• Reduce direct database exposure
• Support audit and compliance requirements
• Minimize changes to existing applications

How OneDB Works

OneDB works as an intermediary between the client and the database.

Applications or users connect to OneDB instead of connecting directly to the database. OneDB forwards authorized traffic to the backend database while applying configured security policies, masking rules, and audit logging.

This approach allows OneDB to protect sensitive data before it is returned to users or applications.

Key Capabilities

Secure Database Gateway

OneDB can operate as a proxy between applications and databases, allowing database traffic to pass through a controlled security layer.

Data Masking

OneDB can mask sensitive values returned from database queries based on configured policies.

Examples of sensitive data may include:

• Identity numbers
• Phone numbers
• Email addresses
• Account numbers
• Customer information

API-Based Data Protection

OneDB may also provide REST APIs for data protection operations such as masking, tokenization, detokenization, encryption, and decryption.

SQL Activity Visibility

OneDB can capture SQL activity passing through the gateway to help administrators understand database access patterns and support audit review.

Policy-Based Control

OneDB uses policies to define what data should be protected, when protection should be applied, and which users or systems are allowed to access sensitive data.

Deployment Models

OneDB as a Database Gateway

In this model, applications connect to OneDB instead of connecting directly to the database.

This model is suitable for database access control, SQL visibility, and sensitive data masking.

OneDB as an API Data Protection Service

In this model, applications call OneDB APIs to protect or reveal data.

This model is suitable for tokenization, masking, encryption, and application-level data protection.

OneDB as a Secure Access Layer

In this model, database users, administrators, or support teams access databases through OneDB.

This model is suitable for controlled database access, audit visibility, and masking for operational users.

Next Steps

To continue learning about OneDB, see the following sections:

• Setup Guide
• Admin Guide
• API Reference
• Release Notes