Thought on MongoDB Document Encryption on Windows Azure

My company was asked to deploy a system managed by an Indonesia government department to Windows Azure infrastructure. Apparently, the biggest concern of enterprise and government to deploy internal information system applications to 3rd party cloud infrastructure is security. There should be a way to avoid unwanted access to the data by any parties (including the cloud infrastructure owner), but the owner of the system.

In my case, the system uses Node.js as development platform and MongoDB as database system. MongoDB document encryption needs to be implemented in addition to any built-in security measure.

Please note that this post is used as my note of my research so far, not as a guideline. As the project is not yet started, there’s no way I know which one of the alternatives I describe here that actually works. Will update later with more practical guide.

Continue reading Thought on MongoDB Document Encryption on Windows Azure