Just because protecting and securing your data against today’s cyber threats is critical doesn’t mean you have to limit access. With MarkLogic you can have fine-grained access controls, proper separation of duties, and the ability to anonymize data so that your data is both secure and shareable.

How Do You Use MarkLogic’s Advanced Security Feature?

Out of the box, MarkLogic provides you with the industry-leading security you need. But your organization may require the Advanced Security option, which includes three additional capabilities:

  • External Key Management for additional separation of concerns and ease of management for storing encryption keys. This option is helpful when you want to leverage an external Key Management System (KMS) that is already in use.
  • Redaction for when pieces of your data need to be removed or obscured when exporting data for sharing. This feature is beneficial in meeting compliance guidelines like HIPAA, SEC17a-4, FINRA, and GDPR, to name just a few.
  • Compartment Security to further restrict data access by requiring users to have more than one role to view data, not just one of the right roles. It’s often employed to protect classified material in government systems.

“There’s a whole new way of defining security and what it means to have data ownership.”

“Element Level Security: There’s a whole new way of defining security and what it means to have data ownership. You can have shared infrastructure, and I can define security models in a way where different groups in the organization can have access to their own data, but we still have one copy of the data.”

Pranav Rao

External Key Management

MarkLogic interoperates with third-party KMS systems, including Amazon Web Services (AWS) Key Management Service (KMS) and others such as Gemalto’s SafeNet. These external KMS systems securely manage authentication keys used by the self-encrypting disks in your storage system. This extra layer of security includes:

  • Key Management for automatic key rotation, key revocation, and deletion.
  • Access Controls so that unauthorized database admins, system admins, and storage admins can’t access the database files. Only the external KMS admin controls access to the encryption keys.
Supported External KMS Systems

Redaction

Redaction

To implement, a MarkLogic security administrator creates redaction policies that contain rules defining which sensitive information should be redacted, and then chooses which policy to apply when running an export. Administrators can combine built-in or custom rules into policies to match different target needs

Built-in functions for different types of redaction include:

  • Concealing: Hide elements and/or their values (or properties and/or their values in the case of JSON)
  • Masking: Change the data using random masking (the value varies with each instance), deterministic masking (the same
    value is applied every time), or dictionary masking (the value is applied from a specified dictionary)
  • Patterns: Change the data using a pattern such as Social Security Number, U.S. phone number, email, IPv4, or Regex
  • Custom: Use server-side JavaScript or XQuery functions to apply unique rules (e.g., redact the name if the person is less than 18 years old)

All rules and actions taken by users are logged, ensuring all export activity can be audited later on

Redaction is designed to be used when running large bulk exports. And, by utilizing the MarkLogic Content Pump (mlcp), it’s faster and more secure than solutions implemented at the application layer

“We need to have a sense of unified data available, govern it properly, and apply security to make sure that we can share that knowledge throughout our organization. So, we are utilizing MarkLogic to break away from the silo approach—we have a unified sense of data and can also enforce proper controls over it and empower our employees to access the data.”

Sema Ustuntas

Compartment Security

Compartment Security provides additional security control to specify that a user must have all of the right roles to interact with a document rather than just one of the right roles using AND semantics or OR semantics.

In MarkLogic, a compartment is a name associated with a role. When a role is compartmented, the compartment name is used as an additional check when determining a user’s authority to access or create documents in a database. Without compartment security, permissions are checked using OR semantics.

For example, if a document has read permission for role1 and read permission for role2, a user who possesses either role1 or role2 can read that document. If those roles have different compartments associated with them (for example, compartment1 and compartment2, respectively), then the permissions are checked using AND semantics for each compartment, as well as OR semantics for each non-compartmented role. To access the document, if role1 and role2 are in different compartments, a user must possess both role1 and role2 to access the document, as well as a non-compartmented role that has a corresponding permission on the document.

Related Resources

Datasheet
Advanced Security

Learn More

Documentation
Introduction to Security

Security Guide

Documentation
Redacting Document Content

Application Developer’s Guide

On-Demand Tutorial
MLU Redaction Course

Watch Tutorial

Security Guide
Compartment Security

View Resource

Feature-Rich and Built for the Enterprise

This website uses cookies.

By continuing to use this website you are giving consent to cookies being used in accordance with the MarkLogic Privacy Statement.