I am developing my own external custom plugin in React.
And I am planning to store personal information of customers and their inventory data as well in Elasticsearch, in addition to logging data. I am planning to implement multi-tenancy as well.
How can I encrypt the data so that sensitive information like passwords will not be visible to the users themselves and other tenants also.
Kingly guide me
You need to encrypt it before sending to Elasticsearch.
Note that you will also not be able to search on any of those encrypted information.
Thanks for the reply
So both encryption and decryption, and key management and assignment should be done and maintained by the developer right?
I saw that saved objects can be encryption by mentioning the encryption key in the yml file. Can I store data as saved objects rather than in indices? Or are saved objects a completely different concept ?
I went through 100+ posts on the forum, and this is what I understood regarding encryption in ES
- Data-in-transit encryption is there in ES
- Data-at-rest encryption can be implemented in 2 ways:
a. Manually encrypting data before indexing and decrypting on retrieval
b. Using OS level encryption (dm-crypt)
I do understand dm-crypt and also that the data will be transparent to authorized ES users. But what happens in between? Meaning how does dm-crypt get the key to encrypt the data and how the data is transparent to ES?
Yes, you have encrypted communications between elasticsearch nodes and clients.
That's right, if you want to store encrypted data in elasticsearch you will need to encrypt it before you store it or use a OS level encryption.
The OS level encryption is transparent for Elasticsearch and any other software in the system, so if you store a sensitive information in plain text, everyone who is authorized to query on that field will be able to see that information.
What that kind encryption do is to protect your data if your disk is powered off and removed from the system, while it is powered on and in the system, everyone with access to the system may be able to see it.
You can read more about it here, here and here.
Thanks a lot Leandro for the detailed explanation.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.