Engineering an Encrypted Storage Engine

Engineering an Encrypted Storage Engine

June 02, 2015

Internals

Amalia Hawkins, Software Engineer at MongoDB

We're building a storage engine for MongoDB that provides encryption at rest. When we first set out to do this, the questions were many: how do you protect database encryption keys in a distributed environment, where all the code is open source? Can you optimize performance despite the extra steps of encryption and decryption? And most importantly, how do you make the protection mechanisms easy-to-use yet secure? This talk covers the requirements we gathered, the issues we faced, and the design decisions we made. It is aimed at those interested in security, storage engines, and the engineering process.

MongoDB World for Giant Ideas
June 20-21 Chicago, IL

MongoDB World is where the world’s fastest growing database community comes to connect, explore, and learn. Join us for hands-on and deep-dive technical sessions, giving you the tools you need to build and deploy your giant ideas.