Menu
Is it possible to encrypt certain Mongodb field for particular collection when the document is being inserted? And then decrypt it while publishing the collection?
502
asked Nov 10 '14 01:11
MongoDB Enterprise 3.2 introduces a native encryption option for the WiredTiger storage engine. This feature allows MongoDB to encrypt data files such that only parties with the decryption key can decode and read the data.
Enforce Field Level Encryption Schema Starting with MongoDB 4.2, the server supports using schema validation to enforce encryption of specific fields in a collection. Use the automatic encryption rule keywords with the $jsonSchema validation object to indicate which fields require encryption.
On the client side, mongodump does not encrypt the data when writing. This means that if you need the backup to be encrypted, you will need to encrypt the backup files after the backup completes.
To encrypt data at rest, MongoDB Enterprise offers native, storage-based symmetric key encryption at the file level. Whole database encryption is also called Transparent Data Encryption (TDE).
I'm not sure if this is overkill for your use case:
Mylar is a Meteor module which supports client-side encryption.
Mylar stores only encrypted data on the server, and decrypts data only in users' browsers. [...] Mylar allows the server to perform keyword search over encrypted documents, even if the documents are encrypted with different keys. [...] Finally, Mylar ensures that client-side application code is authentic, even if the server is malicious. Results with a prototype of Mylar built on top of the Meteor framework are promising
You didn't ask for a framework, but homebred security is often done wrong.
118
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
