MongoDb protect database file from anonymous access -
i created mongodb database description
http://docs.mongodb.org/manual/tutorial/enable-authentication-without-bypass/
created database created admin-user run mongodb --auth parameterthat works fine.
but how can protect database files anonymous access?
when take database-file , run mongodb without --auth parameter have access whole database.
is there way protect database file can't run mongodb without --auth?
best regards
tobias
encrypting info files part of overall security strategy - if has access re-create files computer or backup, may able snag encryption keys same source. mongodb manual has security section covers general best practices including access control, network exposure, auditing, , high level checklist.
if want encrypt mongodb info files need solution "encryption @ rest".
as @ mongodb 2.6, there no built-in back upwards info encryption there number of open source commercial solutions available.
the broad categories of encryption @ rest application level or storage encryption (which can used independently or together, depending on requirements). encryption add together performance overhead disk i/o, should consider in testing & evaluation of suitable solution requirements.
a few examples of encryption @ rest solutions are:
luks (linux unified key setup) windows bitlocker drive encryptionfor more info on supported options, have read of encryption @ rest section of mongodb security documentation.
mongodb
No comments:
Post a Comment