View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cloud
June 19, 2019

MongoDB’s “Field Level Encryption” Puts Database Secrets in Customer Hands

Application code can run continue to run unmodified for most database read and write operations

By CBR Staff Writer

MongoDB’s inclusion of what it dubs “Field Level Encryption” in the latest version of its core database, MongoDB 4.2, was among the most talked-about releases at its conference in New York this week.

Field Level Encryption lets users encrypt specific database fields with their own key, whilst allowing application code to run unmodified for most database read and write operations (meaning developers don’t need to modify their query code).

The aim is simple: tackle data breaches caused by attackers gaining system admins’ logins; while ending the ability of vendors to spy on their customers.

Execution has not been as simple: it has taken two years, 16 developers and some searching third-party key management audits by Brown University’s Seny Kamara; ETH Zurich’s Kenny Paterson; and Boston’s Aroki Systems. (As MongoDB’s Kenn White puts it: “We run on Windows, Mac, Mainframes: We’re targeting 12 languages; Python, Perl, Ruby, Node, Java… it’s a big ecosystem.”)

Read this: MongoDB Launches Atlas Data Lake for S3, Vision for Realm, New Features

The approach sees the encryption (coming as a beta preview next week, with general availability later this summer) totally separated from the database, transparent to the server and handled exclusively within the MongoDB drivers on the client side: the server only sees encrypted binary data.

Raw key material is never persisted to disk (in-memory only) and field keys are secured in hardware security module (HSM)-backed key management services. Individual fields within collections can be marked as encrypted, and keys can be used on a per-field, per-document basis.

Out of the box, Field Level Security will be available for MongoDB running on AWS, with Azure and Google Cloud alternatives in the pipeline (MongoDB declined to give an ETA). The encryption itself is AES-256 and SHA-2 based.

Content from our partners
Green for go: Transforming trade in the UK
Manufacturers are switching to personalised customer experience amid fierce competition
How many ends in end-to-end service orchestration?

But as Kenn White told a crowded session at MongoDB’s New York conference this week: “The encryption itself was five percent of the effort: we had to take the query parsing engine that lived in our server and take it client-side. That’s a major engineering effort!”

Davi Ottenheimer, Head of Product Security, MongoDB, told Computer Business Review: “We already had three levels of encryption: in Atlas for example, we had the hardware, the operating system and the drivers themselves and then encrypted storage engines. Then we added in key management with the KMIP key management protocol.”

“[but] customers are asking for innovation… GDPR is also driving this. Without GDPR I don’t think we’d be talking here today about encryption.”

See also: Microsoft Open Sources Homomorphic Encryption Library “SEAL”

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how New Statesman Media Group may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.
THANK YOU