2

I am storing sensitive information within RavenDB relating to employee performance reviews. As such, I need a simple first-line-of-defence against curious db admins, to prevent them from browsing the data.

I would class this as client-side encryption (although it need not be TNO) just really to obfuscate the data, however, in such a way that it obviously does not impact indexability.

Notes:

  1. I am aware that indexed fields will remain unencrypted in Lucene.

  2. I would really like to maintain document schema browsability if possible, so if someone were to use Raven Studio, they would see something like this (they can see the schema, not the data):

    { WhatIThinkOfMyManager: 'jfjsd83hfdljdf983nofs==', AmIHappyWithMyPayLevel: false }

Are there any facilitiesin Raven for this? And how do I go about it?

4

1 回答 1

1

RavenDB 1.2 支持对磁盘上的数据(包括索引)进行加密。但是有权访问数据的管理员可以看到它的解密形式。

您可能希望将数据存储在使用您自己的代码加密的 RavenDB 中。

于 2012-10-09T11:01:31.393 回答