For encrypting certain properties of a resource, you can use the Encryption Handler by adding the following config to registry.xml (as described in this thread):
<handler class="org.wso2.carbon.registry.extensions.handlers.EncryptionHandler">
<property name="propertyNames">foo,bar</property>
<property name="encryptContent">true</property>
<filter class="org.wso2.carbon.registry.core.jdbc.handlers.filters.MediaTypeMatcher">
<property name="mediaType">application/vnd.wso2.foo</property>
</filter>
</handler>
To secure the secret information in WSO2 Carbon configuration files you can use secure vault as described here.