========================================
Client-Side Field Level Encryption Guide
========================================
.. default-domain:: mongodb
.. contents:: On this page
:local:
:backlinks: none
:depth: 2
:class: singlecol
Who Is This Guide For?
----------------------
This use case guide is an introduction to implementing automatic
Client-Side Field Level Encryption using supported MongoDB drivers and is
intended for **full-stack developers**. The guide presents the following
information in the context of a real-world scenario:
- **How Client-Side Field Level Encryption works** (`Introduction`_)
- **Reasons to choose this security feature** (`Comparison of Security
Features`_)
- **How to implement Client-Side Field Level Encryption with the MongoDB
driver** (`Implementation`_)
.. admonition:: Download the Code
For a runnable example of all the functionality demonstrated in this guide,
see the `Download Example Project`_ section.
Introduction
------------
Applications frequently use and store sensitive data such as confidential
personal details, payment information, or proprietary data. In some
jurisdictions, this type of data is subject to governance, privacy, and
security compliance mandates. Unauthorized access of sensitive data or a
failure to comply with a mandate often results in significant reputation
damage and financial penalties. Therefore, it is important to keep
sensitive data secure.
MongoDB offers several methods that protect your data from unauthorized
access including:
* `Role-based access control <https://docs.mongodb.com/manual/core/authorization/>`_
* `TLS/SSL network transport encryption <https://docs.mongodb.com/manual/core/security-transport-encryption/>`_
* `Encryption at rest <https://docs.mongodb.com/manual/core/security-encryption-at-rest/>`_
Another MongoDB feature that prevents unauthorized access of data is
:manual:`Client-Side Field Level Encryption (CSFLE) </core/security-client-side-encryption/>`.
This feature allows a developer to selectively encrypt individual fields
of a document on the client-side before it is sent to the server. This
keeps the encrypted data private from the providers hosting the database
as well as any user that has direct access to the database.
This guide provides steps for setup and implementation of CSFLE with a
practical example.
.. note::
Automatic Client-Side Field Level Encryption is available starting in
MongoDB 4.2 Enterprise only.
Scenario
~~~~~~~~
In this scenario, we secure sensitive data on a Medical Care Management
System which stores patients' personal information, insurance
information, and medical records for a fictional company, *MedcoMD*.
None of the patient data is public, and certain data such as their
social security number (SSN, a US government-issued id number), insurance
policy number, and vital sign measurements are particularly sensitive and
subject to privacy compliance. It is important for the company and the patient
that the data is kept private and secure.
MedcoMD needs this system to satisfy the following use cases:
- Doctors use the system to access Patients' medical records, insurance
information, and add new vital sign measurements.
- Receptionists use the system to verify the Patients' identity, using a
combination of their contact information and the last four digits of
their Social Security Number (SSN).
- Receptionists can view a Patient's insurance policy provider, but not
their policy number.
- Receptionists cannot access a Patient's medical records.
MedcoMD is also concerned with disclosure of sensitive data through any
of the following methods:
- Accidental disclosure of data on the Receptionist's publicly-viewable
screen.
- Direct access to the database by a superuser such as a database
administrator.
- Capture of data over an insecure network.
- Access to the data by reading a server's memory.
- Access to the on-disk data by reading database or backup files.
What can MedcoMD do to balance the functionality and access restrictions
of their Medical Care Management System?
Comparison of Security Features
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
The MedcoMD engineers review the Medical Care Management System
specification and research the proper solution for limiting access to
sensitive data.
The first MongoDB security feature they evaluated was :manual:`Role-Based Access
Control </core/authorization/>` which
allows administrators to grant and restrict collection-level permissions
for users. With the appropriate role definition and assignment, this
solution prevents accidental disclosure of data and access. However, it
does not prevent capture of the data over an insecure network, direct
access of data by a superuser, access to data by reading the server's
memory, or access to on-disk data by reading the database or backup
files.
The next MongoDB security features they evaluated were :manual:`Encryption at
Rest
</core/security-encryption-at-rest/>`
which encrypts the database files on disk and :manual:`Transport Encryption
using TLS/SSL
</core/security-transport-encryption/>`
which encrypts data over the network. When applied together, these two
features prevent access to on-disk database files as well as capture of
the data on the network, respectively. When combined with Role-Based
Access Control, these three security features offer near-comprehensive
security coverage of the sensitive data, but lack a mechanism to prevent
the data from being read from the server's memory.
Finally, the MedcoMD engineers discovered a feature that independently
satisfies all the security criteria. Client-side Field Level Encryption
allows the engineers to specify the fields of a document that should be
kept encrypted. Sensitive data is transparently encrypted/decrypted by
the client and only communicated to and from the server in encrypted
form. This mechanism keeps the specified data fields secure in encrypted
form on both the server and the network. While all clients have access
to the non-sensitive data fields, only appropriately-configured CSFLE
clients are able to read and write the sensitive data fields.
The following diagram is a list of MongoDB security features offered
and the potential security vulnerabilities that they address:
.. image:: /figures/CSFLE_Security_Feature_Chart.png
:alt: Diagram that describes MongoDB security features and the potential vulnerabilities that they address
MedcoMD will provide Receptionists with a client that is not configured
to access data encrypted with CSFLE. This will prevent them from viewing
the sensitive fields and accidentally leaving them displayed on-screen
in a public area. MedcoMD will provide Doctors with a client with CSFLE
enabled which will allow them to access the sensitive data fields in the
privacy of their own office.
Equipped with CSFLE, MedcoMD can keep their sensitive data secure and
compliant to data privacy regulations with MongoDB.
Implementation
--------------
This section explains the following configuration and implementation
details of CSFLE:
- Software required to run your client and server in your local development
environment.
- Creation and validation of the encryption keys.
- Configuration of the client for automatic field-level encryption.
- Queries, reads, and writes of encrypted fields.
Requirements
~~~~~~~~~~~~
MongoDB Server 4.2 Enterprise
- For installation instructions, refer to the
:manual:`Enterprise Edition Installation Tutorials </installation/#mongodb-enterprise-edition-installation-tutorials>`.
MongoDB Driver Compatible with CSFLE
- For a list of drivers that support CSFLE, refer to the
:manual:`driver compatibility table </core/security-client-side-encryption/#driver-compatibility-table>`.
File System Permissions
- The client application or a privileged user needs permissions to
start the :manual:`mongocryptd
</reference/security-client-side-encryption-appendix/#mongocryp
没有合适的资源?快使用搜索试试~ 我知道了~
温馨提示
共304个文件
rst:68个
txt:64个
py:60个
资源分类:Python库 所属语言:Python 资源全名:snooty-lextudio-1.8.4.dev0.tar.gz 资源来源:官方 安装方法:https://lanzao.blog.csdn.net/article/details/101784059
资源推荐
资源详情
资源评论
收起资源包目录
Python库 | snooty-lextudio-1.8.4.dev0.tar.gz (304个子文件)
c-connection.c 1007B
cpp-connection.cpp 765B
DocumentationExamples.cs 65KB
csharp-connection.cs 2KB
.gitignore 140B
go-connection.go 845B
mypy.ini 44B
manual.inv 88KB
ecosystem.inv 2KB
java-connection.java 1KB
bio-eliot.jpg 1.71MB
bio-name.jpg 1.71MB
sample.jpg 7KB
node-connection.js 799B
sample_code.js 77B
LICENSE 11KB
Makefile 4KB
CHANGELOG.md 16KB
HACKING.md 5KB
code-of-conduct.md 3KB
RPC-methods.md 2KB
CHANGELOG.lextudio.md 736B
LICENSE.openssl 10KB
php-connection.php 425B
PKG-INFO 237B
placeholder 0B
purple.png 124KB
purple.png 124KB
compass-explain-plan-with-index-raw-json.png 115KB
pattern-green.png 82KB
pink.png 77KB
pink.png 77KB
compass-create-database.png 35KB
compass-create-database.png 35KB
sample.png 4KB
test_parser.py 68KB
parser.py 56KB
test_openapi.py 48KB
postprocess.py 44KB
rstparser.py 39KB
test_postprocess.py 25KB
test_postprocess_old_and_monolithic.py 23KB
openapi.py 16KB
language_server.py 16KB
diagnostics.py 13KB
nodes.py 12KB
specparser.py 12KB
flutter.py 11KB
main.py 10KB
util.py 10KB
n.py 10KB
test_language_server.py 9KB
legacy_guides.py 8KB
test_project.py 8KB
types.py 7KB
intersphinx.py 6KB
target_database.py 6KB
util_test.py 6KB
test_devhub.py 5KB
test_intersphinx.py 5KB
eventparser.py 5KB
pythonexample.py 5KB
test_extracts.py 5KB
steps.py 4KB
test_legacy_guides.py 4KB
test_steps.py 4KB
test_nodes.py 3KB
bump_version.py 3KB
lint_changelog.py 3KB
test_util.py 3KB
test_specparser.py 3KB
test_release.py 3KB
test_lint_changelog.py 3KB
release.py 3KB
test_landing.py 3KB
test_main.py 2KB
parse.py 2KB
page.py 2KB
extracts.py 2KB
published_branches.py 2KB
test_types.py 2KB
performance_report.py 2KB
cache.py 1KB
lsp.py 1KB
setup.py 1KB
test_bump_version.py 1KB
test_diagnostic.py 1KB
options.py 650B
test_parse.py 589B
apiargs.py 493B
python-connection.py 439B
sample_code.py 135B
__init__.py 125B
__init__.py 74B
__main__.py 31B
nodes.pyi 4KB
events.pyi 1KB
states.pyi 1KB
__init__.pyi 830B
collection.pyi 820B
共 304 条
- 1
- 2
- 3
- 4
资源评论
挣扎的蓝藻
- 粉丝: 13w+
- 资源: 15万+
上传资源 快速赚钱
- 我的内容管理 展开
- 我的资源 快来上传第一个资源
- 我的收益 登录查看自己的收益
- 我的积分 登录查看自己的积分
- 我的C币 登录后查看C币余额
- 我的收藏
- 我的下载
- 下载帮助
安全验证
文档复制为VIP权益,开通VIP直接复制
信息提交成功