Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-56529

Protect data using asymmetric crypto

    XMLWordPrintable

    Details

    • Type: New Feature
    • Status: Open
    • Priority: Major - P3
    • Resolution: Unresolved
    • Affects Version/s: None
    • Fix Version/s: Backlog
    • Component/s: None
    • Labels:
      None

      Description

      Attn: Salman Baset

      There are use cases when product could benefit from asymmetric data encryption, where a public key is used for encrypting data, and it can only be decrypted using private key. Benefit of this encryption type is that encryption key needs no protection. Data encrypted using said key can not be decrypted using same key.

      Scenarios:

      • Encrypt audit log. It will be impossible for sysadmin to examine the log to learn what is in it
      • Encrypt patient medical data, such as: blood test. Every lab is given the same key (no need for key managenent). Lab is able to upload blood test results, but it will be unable to read it, not it can read any test results other labs produced.
      • Atlas could create database backup for a customer, which would only be readable by said customer, not by Atlas or anyone else.

        Attachments

          Activity

            People

            Assignee:
            backlog-server-security Backlog - Security Team
            Reporter:
            sergey.galtsev Sergey Galtsev
            Participants:
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Dates

              Created:
              Updated: