[SERVER-12436] Data at Rest Encryption Created: 22/Jan/14 Updated: 08/Sep/15 Resolved: 08/Sep/15 |
|
| Status: | Closed |
| Project: | Core Server |
| Component/s: | Security, Storage |
| Affects Version/s: | 2.5.4 |
| Fix Version/s: | None |
| Type: | New Feature | Priority: | Minor - P4 |
| Reporter: | bart loesley | Assignee: | Unassigned |
| Resolution: | Duplicate | Votes: | 5 |
| Labels: | encrypti, security | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||||||||||||||
| Participants: | |||||||||||||||||
| Description |
|
Mongo should provide Data at Rest Encryption managed transparently by the database layer, similar to modern relational databases. This will provide protection of the data in the event that the storage is compromised but will not impair the use of the database by valid users. |
| Comments |
| Comment by Andreas Nilsson [ 08/Sep/15 ] |
|
Encryption at Rest will be available in MongoDB 3.2. Closing this ticket as a duplicate of See http://docs.mongodb.org/master/release-notes/3.1-dev-series/ |
| Comment by yudho ahmad diponegoro [ 11/Mar/14 ] |
|
This feature is important in some use cases. One is where the application holds sensitive data from its clients. Data should be encrypted to gain client's trust that even the application owner (company) could not read the data without the key. One key is for one client and the client manages its own key. Key shall not change unless the re-encrypting process is tolerated. Encryption shall be in mongodb level, not in application level so that "number" and "float" type could be encrypted while at the same time still able to be aggregated. Encryption implementation shall be in database level |