MongoDB

mongodb is a popular, open source nosql database management system unlike traditional relational databases that use tables and rows to store data, mongodb stores data in flexible, json like documents with optional schemas this provides greater scalability and ease of use and enables you to handle large amounts of structured and unstructured data with built in replication and automatic sharding, mongodb can effortlessly handle the demands of modern applications, making it an ideal choice for businesses looking to manage and analyze large amounts of data in real time in addition, its robust security features and scalability make it a great choice for enterprise level applications kmip the key management interoperability protocol (kmip) is an extensible communication protocol that defines message formats for the manipulation of cryptographic keys on a key management server this facilitates data encryption by simplifying encryption key management you can create keys on a server and then retrieve them, possibly wrapped by other keys it supports both symmetric and asymmetric keys and enables you to sign certificates with kmip, clients can also ask a server to encrypt or decrypt data, without needing direct access to the key mongodb information from the mongodb documentation website mongodb enterprise 3 2 introduces a native encryption option for the wiredtiger storage engine outside mongodb atlas (where encryption is handled at the cloud provider level), encryption is only available for enterprise installations that use the wiredtiger storage engine secure management of the encryption keys is a critical requirement for storage encryption mongodb uses a master key that is not stored with the mongodb installation only the master key is externally managed, other keys can be stored with your mongodb instance the mongodb encrypted storage engine supports two key management options for the master key use of local key management through a keyfile integration with a third party key management appliance through the key management interoperability protocol (kmip) recommended mongodb cannot encrypt existing data when you enable encryption with a new key, the mongodb instance cannot have any pre existing data if your mongodb installation already has existing data, see encrypt existing data at rest on the mongodb site for additional steps mongodb enterprise supports the secure transfer of keys with compatible key management appliances using a key manager enables you to store the keys in the key manager mongodb enterprise supports the secure transfer of keys with key management interoperability protocol (kmip) compliant key management appliances any appliance vendor that provides support for kmip is expected to be compatible integration overview this guide covers the following tasks configure the {{k3}} test a connection from mongodb to the {{k3}} configure encryption in mongodb the following sections show you how to perform these tasks