客户端字段级加密 (Client-Side Field Level Encryption)
简介
Client-Side Field Level Encryption (CSFLE) is a feature that enables you to encrypt data in your application before you send it over the network to MongoDB. With CSFLE enabled, no MongoDB product has access to your data in an unencrypted form.
You can set up CSFLE using the following mechanisms:
自动加密:使您能够执行加密的读取和写入操作,而无需添加对加密和解密字段的显式调用。
显式加密:让您能够通过 MongoDB 驱动程序的加密库执行加密读写操作。您必须在整个应用程序中指定使用此库进行加密的逻辑。
Considerations
When implementing an application that uses Client-Side Field Level Encryption, consider the points listed in 安全考虑因素.
For limitations, see CSFLE limitations.
兼容性
To learn which MongoDB server products and drivers support CSFLE, see 客户端字段级加密兼容性.
功能
To learn about the security benefits of CSFLE for your applications, see the 功能 page.
安装
To learn what you must install to use CSFLE, see the Installation Requirements page.
快速入门
To start using CSFLE, see the 快速入门.
在本指南中,代码示例使用占位符文本。在运行示例之前,请用您自己的值替换这些占位符。
例如:
dek_id := "<Your Base64 DEK ID>"
您可以将引号之间的内容替换为您的 DEK ID。
dek_id := "abc123"
Fundamentals
To learn how CSFLE works and how to set it up, see the Fundamentals section.
The fundamentals section contains the following pages:
Tutorials
To learn how to perform specific tasks with CSFLE, see the Tutorials section.
参考
如需了解加密密钥管理,请参阅加密密钥和密钥保管库。
For more information about developing your CSFLE-enabled applications, see the 参考 section, which contains the following pages: