We live in an age where vast amounts of data, including personal information, are collected. Such data is often stored in modern databases such as CouchDB, MongoDB and Elasticsearch. To comply with PDPA guidelines, certain fields in the database need to be encrypted.
The architecture is as follows:
Here are its characteristics:
- Columns are encrypted and decrypted using the Data Key.
- The Data Key itself is encrypted and decrypted by the Master Key.
- The Data Key is stored in a Mongo collection.
- The Master Key is stored in KMS.
- The schema is also stored in a Mongo collection.
Let's dive in and see what happens when we read data from encrypted fields:
Similarly, let us see what happens when encrypted data is written:
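
The read and write paths described above can be sketched as follows. This is an added example, not code from the original article: it assumes AES-256-GCM as the cipher, an in-memory object standing in for KMS, plain objects standing in for the Mongo key and schema collections, and a Data Key stored in its Master-Key-encrypted form. All function and field names are hypothetical.

```javascript
// Added illustration, not the article's code. Assumptions: AES-256-GCM, an
// in-memory stand-in for the KMS, plain objects for the Mongo collections.
const nodeCrypto = require("node:crypto");

// AES-256-GCM; blob layout is iv(12) || tag(16) || ciphertext, base64-encoded.
function seal(key, plaintext, aad) {
  const iv = nodeCrypto.randomBytes(12);
  const c = nodeCrypto.createCipheriv("aes-256-gcm", key, iv);
  c.setAAD(Buffer.from(aad));
  const ct = Buffer.concat([c.update(plaintext), c.final()]);
  return Buffer.concat([iv, c.getAuthTag(), ct]).toString("base64");
}
function open(key, blob, aad) {
  const b = Buffer.from(blob, "base64");
  const d = nodeCrypto.createDecipheriv("aes-256-gcm", key, b.subarray(0, 12));
  d.setAAD(Buffer.from(aad));
  d.setAuthTag(b.subarray(12, 28));
  return Buffer.concat([d.update(b.subarray(28)), d.final()]); // throws if tampered
}

// Stand-in KMS: the Master Key never leaves this closure.
function makeKms() {
  const masterKey = nodeCrypto.randomBytes(32);
  return {
    wrap: (dataKey) => seal(masterKey, dataKey, "data-key"),
    unwrap: (wrapped) => open(masterKey, wrapped, "data-key"),
  };
}

// Shared by both paths: unwrap the Data Key, transform only schema-listed fields.
function mapFields(doc, schema, keyRecord, kms, fn) {
  const dataKey = kms.unwrap(keyRecord.wrappedKey);
  const out = { ...doc };
  for (const f of schema.encryptedFields)
    if (f in out) out[f] = fn(dataKey, out[f], f);
  return out;
}
// Write path. The field name is bound as AAD so ciphertexts cannot be swapped.
const encryptDoc = (doc, schema, keyRecord, kms) =>
  mapFields(doc, schema, keyRecord, kms, (k, v, f) => seal(k, JSON.stringify(v), f));
// Read path.
const decryptDoc = (doc, schema, keyRecord, kms) =>
  mapFields(doc, schema, keyRecord, kms, (k, v, f) => JSON.parse(open(k, v, f).toString()));

// Constructed sample state: one key record and one schema record.
const kms = makeKms();
const keyRecord = { wrappedKey: kms.wrap(nodeCrypto.randomBytes(32)) };
const schema = { encryptedFields: ["national_id", "phone"] };
console.log(encryptDoc({ name: "Alice", national_id: "S0000000X" }, schema, keyRecord, kms));
```

Only the wrapped Data Key and the ciphertext ever reach the database in this sketch; rotating the Master Key means re-wrapping one key record rather than re-encrypting every document.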