For context, we are working on a SaaS product for clients (even from different companies in the future) to use as a tool to integrate different AI services (custom and proprietary) in a secure and controlled manner.
Among many more, we have this specific use case, where a knowledge worker would leverage a given AI model’s capabilities to get an optimized output based on some interactions this user has had with the model. This output could then be saved to be shared or reused down the line.
Regarding our product’s general architecture, we have a React frontend client, a gateway for the API, a set of Lambdas associated with different endpoints and a group of DynamoDB tables for the different entities we currently have.
In the end, we want part of the information the user is handling, for instance the content of the AI model’s output, and some other sensitive information to be encrypted and only be read, managed or transformed by the intended recipient.
As an important caveat and dealbreaker, we have a search feature in the app whose business logic interacts with the databases to retrieve the results that were previously persisted according to specific matches (keywords).
Let’s say we want some sensitive properties, in one of our data structures, to be encrypted, but at the same time it’s key that the information is still searchable by the right recipient, and here lies the origin of our research.
We have been delving into the AWS Encryption SDK documentation which I guess, correct me if I’m wrong, is a general-purpose encryption solution but, on the other hand, I have come across this feature (Searchable encryption) in the AWS Database Encryption SDK, which is a different library altogether, and the two SDKs cannot interoperate with each other due to different encryption outcomes, right?
Sorry if it’s still not clear enough, but according to the above and your experience, which solution do you think would be more suitable for us? Or in general, where should I keep digging to avoid, as much as possible, going back and forth among different solutions, documentation, etc.?
What I have tried:
For now, we are just researching the best solution for us.
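The requirement described in the question (an encrypted field that the key holder can still find by keyword) is commonly met with a blind index: a keyed, truncated HMAC of each keyword stored beside the ciphertext. The sketch below is an added example, not code from the post and not the AWS Database Encryption SDK API; it uses only Node's built-in `crypto`, and the function names, keys and sample records are constructed for illustration.

```javascript
// Added illustration: blind-index keyword search over an encrypted field.
const crypto = require('node:crypto');

function encryptField(plaintext, key) {
  const iv = crypto.randomBytes(12); // fresh nonce per encryption
  const cipher = crypto.createCipheriv('aes-256-gcm', key, iv);
  const ct = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  return { iv, ct, tag: cipher.getAuthTag() };
}

function decryptField({ iv, ct, tag }, key) {
  const decipher = crypto.createDecipheriv('aes-256-gcm', key, iv);
  decipher.setAuthTag(tag); // final() throws if ciphertext or tag was altered
  return Buffer.concat([decipher.update(ct), decipher.final()]).toString('utf8');
}

// Keyed HMAC of a normalised keyword, truncated so that distinct keywords can
// collide; the stored token then reveals less about the underlying word.
function keywordToken(word, key, bytes = 2) {
  const mac = crypto.createHmac('sha256', key).update(word.toLowerCase()).digest('hex');
  return mac.slice(0, bytes * 2);
}

function keywords(text) {
  return [...new Set(text.toLowerCase().match(/[a-z0-9]+/g) || [])];
}

// What gets persisted: ciphertext plus search tokens, never the plaintext.
function toItem(id, text, keys) {
  const tokens = keywords(text).map((w) => keywordToken(w, keys.indexKey));
  return { id, body: encryptField(text, keys.encKey), tokens };
}

// Match on tokens first (possible without the encryption key), then decrypt
// and re-check as the key holder to drop truncation false positives.
function search(table, word, keys) {
  const token = keywordToken(word, keys.indexKey);
  return table
    .filter((item) => item.tokens.includes(token))
    .map((item) => ({ id: item.id, text: decryptField(item.body, keys.encKey) }))
    .filter((hit) => keywords(hit.text).includes(word.toLowerCase()));
}

// Constructed keys and records standing in for per-tenant keys and a table.
const keys = { encKey: crypto.randomBytes(32), indexKey: crypto.randomBytes(32) };
const table = [
  toItem('out-1', 'Quarterly revenue forecast for the retail client', keys),
  toItem('out-2', 'Draft summary of the onboarding interview', keys),
];
```

The index key is kept separate from the encryption key so that a component allowed to run token matches cannot decrypt the field.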