mirror of
https://github.com/seaweedfs/seaweedfs.git
synced 2024-01-19 02:48:24 +00:00
Updated Filer Data Encryption (markdown)
parent
ecb3f95402
commit
ec2916d61b
|
@ -3,7 +3,7 @@ For filer,
|
||||||
* The metadata is stored in filer store.
|
* The metadata is stored in filer store.
|
||||||
* The actual data is stored in volume servers.
|
* The actual data is stored in volume servers.
|
||||||
|
|
||||||
However, there could be many volume servers. And the volumes may be tiered to the cloud. What if there are some security breach?
|
However, there could be many volume servers. And the volumes may be tiered to the cloud. What if some of them are hacked?
|
||||||
|
|
||||||
### Encrypt data on volume servers
|
### Encrypt data on volume servers
|
||||||
`weed filer -encryptVolumeData` is an option to encrypt the data on volume servers.
|
`weed filer -encryptVolumeData` is an option to encrypt the data on volume servers.
|
||||||
|
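Review bot: In the reworded question ("What if some of them are hacked?"), "them" has no clear antecedent: it can be read as the volume servers, the volumes, or the cloud tier named in the sentence before it. This sentence sets up the threat the rest of the section answers, so name the asset, for example "What if a volume server or the cloud tier holding the volumes is compromised?". "Compromised" also fits the register of the surrounding text better than "hacked".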
@ -13,13 +13,13 @@ The encryption keys are randomly generated during write time, and are different
|
||||||
So the volume data on the volume servers are encrypted. As long as the filer store is not exposed, it is nearly impossible to guess the encryption keys for all the files.
|
So the volume data on the volume servers are encrypted. As long as the filer store is not exposed, it is nearly impossible to guess the encryption keys for all the files.
|
||||||
|
|
||||||
### Safe Data Storage
|
### Safe Data Storage
|
||||||
Actually the volume servers do not have any concept of encryption. With the file content encrypted, it is safe to put volume servers anywhere you want. The volume servers are not visible to any unencrypted data, for either storage or transmission.
|
Actually the volume servers do not have any concept of encryption. The encrypted data blocks are treated just as any other data blocks. The volume servers are not visible to any unencrypted data, for either storage or transmission. With the file content encrypted, it is safe to put volume servers any where you want.
|
||||||
|
|
||||||
### Safely Forget Data
|
### Safely Forget Data
|
||||||
Another side is, with GDPR, companies are required to "forget" customer data after some time. If the volume data is stored on a glacial storage system, it is cumbersome to dig them out and destroy them. It is much easier to just delete the metadata, and the volume data is automatically "destroyed".
|
Another side is, with GDPR, companies are required to "forget" customer data after some time. If the volume data is stored on a glacial storage system, it is cumbersome to dig them out and destroy them. It is much easier to just delete the metadata, and the volume data is automatically "destroyed".
|
||||||
|
|
||||||
### Encryption Algorithm
|
### Encryption Algorithm
|
||||||
The encryption is through GCM https://en.wikipedia.org/wiki/Galois/Counter_Mode
|
The encryption is through AES256-GCM https://en.wikipedia.org/wiki/Galois/Counter_Mode
|
||||||
|
|
||||||
There is one randomly generated cipher key of 256 bits for each file chunk. The cipher code is here https://github.com/chrislusf/seaweedfs/blob/master/weed/util/cipher.go
|
There is one randomly generated cipher key of 256 bits for each file chunk. The cipher code is here https://github.com/chrislusf/seaweedfs/blob/master/weed/util/cipher.go
|
||||||
|
|
||||||
|
|
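Review bot: In the rewritten "Safe Data Storage" paragraph, the closing sentence "it is safe to put volume servers any where you want" now sits apart from the condition stated earlier ("As long as the filer store is not exposed"), so it reads as unconditional. Say that the guarantee is confidentiality of the chunk contents and that it depends on protecting the filer store. The same new line introduces "any where" where the old text had "anywhere", and it keeps "The volume servers are not visible to any unencrypted data", which is inverted: the unencrypted data is never visible to the volume servers. Naming AES256-GCM instead of just GCM is a good clarification. The cipher link in the unchanged line below still points at chrislusf/seaweedfs while this repository is seaweedfs/seaweedfs, so consider updating it in the same change.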