Encrypted Index

NiFiTweets · May 26, 2016, 7:00am

I have a scenario where i have confidential data saved as employee records/financial records shouldn't be accessible to one another, unless they have the key to access it. Can this be achieved with ES?

1)I am looking for encrypted index having data which will fetch data only for the associated access key or else it will fetch junk values/bad request.
2)And since I'm thinking of using ES as backend to another application, can this also be achieved with API calls?

Please Help! Thanks !!

thn · May 26, 2016, 4:54pm

Here are a few things that you can think and decide what you want to do

If you are thinking about using ES as storage, the answer is no, use something else
I've seen other approach where the actual data or value to a field is encrypted first before it gets indexed by ES. If you take this approach, you have to think about how to search. I would not recommend to go with this either.
Since ES is a search engine, not a database or a filesystem, it will index data that you insert into to it. You can use the mapping to tell ES to index data but don't store, that means when you look into the index, you don't see "readable data" at all. When you do this, store the content somewhere else such as local file system, a database, something like Mongo GridFS, etc... that way you can encrypt the content before storing it. When your users search for info, the system can tell the users if there are hits or not with minimum info. When they select a search result to view, they have to provide a key either automatically based on their credentials or manually (it depends on how you want to build your system) then the system can use this key to decrypt the data for viewing.
Another option here is putting the restriction how you want users to view the data. I think ES has a product called Shield (it has a new name now in v5) that you can use.

If I were you, I would take a look at option 3 and 4, not 1 and 2.

tinle · May 26, 2016, 6:00pm

Take a look at Credeon (Hitachi). They had a booth at ElastiCon 2016 in SF.

http://www.hitachi-solutions.com/securesearch/

From talking with the person at the booth, they support ES also.

Ramya · January 30, 2017, 6:45am

Hi thn
I am having the scenario to encrypt passwords (or other data) before saving it in ElasticsearchDB
using nodejs is this possible? how can I acheive this ? please help me
Thanks in advance

thn · January 30, 2017, 8:40pm

I don't use nodejs but with a quick search, you can find the following links

for encryption: https://www.npmjs.com/package/crypto-js

for elasticsearch: https://www.npmjs.com/package/elasticsearch

Ramya · January 31, 2017, 4:54am

Thank you thn...Found it as useful to me...

Ramya · February 9, 2017, 4:45am

Hi thn
Do u have any idea of encrypting some user data like mailid,name,mobile number
in elastisearch index Directly using sense plugin.

Topic		Replies	Views
Encrypt the index data? Elasticsearch	5	9307	June 7, 2017
Encrypt couple of my document fields Elasticsearch	7	2567	July 5, 2017
How can I encrypt the data stored in indexes? Kibana kibana-plugin-development	6	8143	November 1, 2022
How can i do Elastic Search on Encrypted data Elasticsearch	7	8475	August 31, 2017
Any suggestion to encrypt data per index with different keys and do full text search Elasticsearch elastic-stack-security	2	394	March 9, 2020

Encrypted Index

Related Topics