[Techtalk] mongodb with encryption?
John Sturdy
jcg.sturdy at gmail.com
Sun Jul 15 14:07:21 UTC 2018
Sorry, accidentally hit send...
I'm tryin
On Sun, Jul 15, 2018 at 3:06 PM, John Sturdy <jcg.sturdy at gmail.com> wrote:
> Hi,
>
> I've been writing a membership and training management database system for
> my local hackerspace, and because of GDPR I've been asked to separate out
> the Personal Identifying Data (basically any profile data that could be
> used to harass someone) into a separate, encrypted database, which is to be
> encrypted at rest. The overall architecture of the system is that login,
> sessions, authentication, and URL dispatch are all handled by django, but
> then the rest of it is handled in my python code, which supplies view
> functions for django to use (i.e. my code makes up the whole page string,
> without using django templates etc). My code uses mongodb for all its
> storage. I've done it this way partly because I'm familiar with mongodb
> and templateless HTML generation in python (in the way described at
> https://bitbucket.org/tavisrudd/throw-out-your-templates/src) but not
> with django and relational databases; and I want the flexibility that mongo
> provides, and don't want to have to do django migrations whenever the form
> of a user profile changes.
>
> My original idea was to keep information such as names and addresses in
> the database that django uses to manage user accounts, but when I saw about
> having to do migrations when these change, I decided I'd rather put almost
> all that information into mongo, leaving a minimum (name, email and a UUID
> to link the to the mongo database) in django's database, for flexibility
> and minimal technical hassle, and also because we want to get the project
> up and running ASAP.
>
> I'd been assuming that keeping the user profile database on an encrypted
> filesystem would be as good as using a database that does encryption
> itself. However, the hackerspace committee's GDPR expert is encouraging
> me to use an encrypted SQL database for this, but I really don't want the
> learngin
>
More information about the Techtalk
mailing list