We have a user management system that stores some user information, such as email, telephone and so on.
Now I want to protect this information from possible hacking attacks.
Does ES have any good protection for fields?
I have a idea, we can set the _source property of fields which store the private information to false so that we can still query that data, but we can't get it directly.
Is this approach possible? Is there a better solution?
Is your cluster secure - Secure the Elastic Stack | Elasticsearch Guide [8.3] | Elastic?
Yes, but even though we did security for cluster, we still wanted to make sure that some fields were ’more secure‘.
Then definitely check out field and document level security.
Is there any way to ensure that some fields can only be used for queries and not be seen
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.