11

How can I achieve the following goals?

  • All compute and storage to be located in the cloud.
  • Encryption in transit of all data between web nodes and db nodes running MongoDB.
    • How to set up tunnels? Which protocols/tools?
  • Encryption at rest of all data stored in MongoDB.
  • All data is backed up (also to the cloud) frequently.
    • Backups are encrypted in transit and at rest.
  • All encryption and key management concerns are handled in the infrastructure, not in the application.
    • Should not require any changes to the application code.
  • Keys for all at-rest encryption can be rotated regularly.
    • The key rotation process is simple, scriptable, automatable.
    • Data stored in the past should be retrievable at any time, even after arbitrarily many key rotations.
    • Backups should be retrievable for some period of time: they should survive at least one key rotation.

Please post, even if you only have partial answers or answers to a single bullet point. A solution to one sub-goal is part of the solution to the overall goal.

Thanks in advance for your answers!

AviD
yfeldblum

2 Answers

7

Your requirements aren't cloud specific. This same solution will work with traditional hosting. The hallmark of cloud computing is dynamic resource consumption by booting up VMs only when you need them.

1) As far as I know MongoDB doesn't support SSL. In order to have a secure connection to MongoDB you'll have to use a VPN to create a safe tunnel.

2) It is almost always better to encrypt the data prior to inserting it into your database. From a security perspective, if your database is taking care of encryption then it requires a key, and if the database is compromised then the encrypted data is also compromised. This should be taken care of by your application. Also note that a stream cipher will produce smaller messages and save space. Stream ciphers are safe if used properly (unique IV for each message).

3) There are many backup services that use encryption. If you are rolling your own then I recommend using the open source project Bacula.

rook
  • The VPNs I'm familiar with set up an encrypted tunnel between two networks (or between a computer and a network). But data in transit, once it's inside the network, is unencrypted. How can I encrypt all communications containing the webapp data inside the network? – yfeldblum Apr 11 '11 at 21:29
  • @Justice You have to ask yourself the question: "Who am I trying to keep a secret from?" If you have a VPN connection between two servers then it allows a secure channel in which these two servers can safely share information. For a cluster, that can easily be expanded by adding more hosts to the VPN. – rook Apr 11 '11 at 21:38
  • @Justice Using a VPN like this is called a tunnel. You are using your own encrypted transport layer so you don't need to rely on an application supporting ssl. – rook Apr 11 '11 at 21:46
  • Awesome - do you have any favorite tools/techniques to set up encrypted tunnels between two hosts/nodes? – yfeldblum Apr 11 '11 at 22:36
  • 1
    @Justice yeah OpenVPN. – rook Apr 12 '11 at 03:05
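The "unique IV for each message" condition from point 2 of the answer above, as an added example that is not part of the original answer or its comments. All names here are hypothetical, the sample records are constructed, and the HMAC-SHA256 counter keystream is a stand-in for a vetted stream cipher such as AES-CTR or ChaCha20.

```python
import hashlib
import hmac
import os
from collections import Counter

def keystream(key: bytes, iv: bytes, n: int) -> bytes:
    # Stand-in keystream: HMAC-SHA256(key, iv || counter). Illustration only.
    out, ctr = b"", 0
    while len(out) < n:
        out += hmac.new(key, iv + ctr.to_bytes(8, "big"), hashlib.sha256).digest()
        ctr += 1
    return out[:n]

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def encrypt_field(key: bytes, plaintext: bytes, iv: bytes = None) -> dict:
    # Application-side encryption before insert: the db node only ever sees
    # {"iv", "ct"}. A production design also needs integrity protection (AEAD).
    iv = os.urandom(16) if iv is None else iv
    return {"iv": iv, "ct": xor(plaintext, keystream(key, iv, len(plaintext)))}

def decrypt_field(key: bytes, doc: dict) -> bytes:
    return xor(doc["ct"], keystream(key, doc["iv"], len(doc["ct"])))

def reused_ivs(docs: list) -> list:
    # Audit check over stored documents: any IV seen more than once is a defect.
    counts = Counter(d["iv"] for d in docs)
    return [iv for iv, c in counts.items() if c > 1]

def demo():
    key = os.urandom(32)  # held by the application tier, not the db node
    a, b = b"balance=0001250.00", b"balance=0000003.75"  # constructed records
    fixed_iv = bytes(16)
    # Misuse: the same IV for every message means the same keystream, so the
    # XOR of two ciphertexts equals the XOR of the two plaintexts.
    bad = [encrypt_field(key, a, fixed_iv), encrypt_field(key, b, fixed_iv)]
    # Correct use: a fresh random IV per message.
    good = [encrypt_field(key, a), encrypt_field(key, b)]
    leak_bad = xor(bad[0]["ct"], bad[1]["ct"]) == xor(a, b)
    leak_good = xor(good[0]["ct"], good[1]["ct"]) == xor(a, b)
    return leak_bad, leak_good, reused_ivs(bad), reused_ivs(good), decrypt_field(key, good[0])

if __name__ == "__main__":
    print(demo())
```
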
3

MongoDB is only about 1/10 related to what you are asking, I think. You basically want to know how to securely store data, and associated keys in the cloud. There are entire books written on this... :)

Your question may be too broad for me to offer any reasonable answer, but others may be able to do better.

With that being said, there is a great patterns and practices guide written by Microsoft on securing your cloud application. This is Azure-specific though.

Steve
  • Wow I wasn't aware anyone used Azure. – rook Apr 11 '11 at 16:56
  • The question is MongoDB-specific insofar as MongoDB doesn't support SSL natively the way PostgreSQL does and it doesn't support Transparent Data Encryption natively the way SQL Server does. So I need to do something else infrastructurally to get encryption in transit and at rest. The question here is, what are those "external" things I need to do? – yfeldblum Apr 11 '11 at 19:00
  • 1
    @Rook Azure is actually used quite a bunch, and is really starting to gain in popularity. Not #1 yet by any means, but steadily gaining percentages. – AviD Apr 11 '11 at 20:37