In-Memory Database Storage and Security (MemSQL, Spark, Redis, Geode, et al)

Question

There is a growing trend to utilize more In-Memory Storage for a wide variety of use cases from big data analytics (Spark) to faster processing power (MemSQL) to caching (Redis) most frequently accessed data before making a trip to disk based RDBMS. AWS Elasticache is an example this. One architectural 'Best Practice' I've heard recently is to cache everything first. Then make trips to disk only for less used (cold) data.

With this growing trend to leverage more in-memory storage, I've not seen very much written about securing these data stores along with potential associated vulnerabilities that come along with them. When I asked Amazon if there is encryption available for Elasticache data they said no.

In addition, I'm not sure if traditional data storage security guidelines apply in the same manner as disk based storage for regulated agencies. For example, encrypting data at rest (DAR) is a NIST requirement for sensitive data (e.g. PII, PHI) in the cloud. Does this same standard apply to data which only exists in-memory? If not, is that really a good idea? Have NIST and other security organizations even considered the potential attack vectors in this space yet? If so, are there any published guidelines out there for in-memory storage? Or are we supposed to infer from old rules/regulations/guidelines and then extrapolate into this storage environment?

Any thoughts on Securing In-Memory Data Stores appreciated, especially from those who've had to certify the security of their systems through third-party assessors.

Answer 1

Encrypting in-memory data stores/caches is generally not done because all the working data is stored in RAM and so will the encryption key at some point and if an attacker has access to the memory of the system, he will have access to the means to decrypt the data or have means to access the data after decryption so it is not providing any additional security.

The best practice is to prevent unauthorized access from an external process or machine by making sure you have Threat Modeling done for your application. This will bring to light all the ways an attacker can get access to your data or attack it. There are several methodologies for Threat Modeling and the one I have used is STRIDE. There is a free tool which Microsoft provides which is useful to create Threat Models using this methodology. This is not specific to in-memory databases but more holistic as it covers aspects of security for a given application.