Learn how MongoDB on LinuxONE and IBM Cloud Hyper Protect Services can be used to manage highly sensitive and confidential data – pervasively encrypting and securing your environments, consolidating thousands of database instances while serving hundreds of billions of queries a day. At the end of this session you will better understand how managing and scaling large amounts of critical business data can be achieved easily with automatic pervasive encryption of code and data in-flight and at-rest.
If you're a Developer, Architect, DBA or a Business Stakeholder, and your organization is using or planning to use MongoDB on-premise or in the cloud, this session will help you to gain insights into the best way to run MongoDB to keep your business safe and scaling holistically.
MongoDB .local Chicago 2019: Keep your Business Safe and Scaling Holistically with MongoDB on LinuxONE
1. Keep your Business Safe and Scaling Holistically with MongoDB on LinuxONE
Rebecca Gott, Ph.D
IBM Distinguished Engineer, IBM LinuxONE
gott@us.ibm.com
Systems / LinuxONE / Copyright 2019 IBM Corp.
5.
App C
Bins/Libs Bins/Libs
Docker
Linux Host OS
X86 Infrastructure
Docker Container
Attacker
Docker Group
Hot Wallet
1
Access the Docker Group to which the user is a member (many Docker Groups have hardcoded credentials for ease of use)
Obtain root level system access and, as a superuser, run this command:
2
3
4 Trade funds from the exchange’s hot wallet to attacker’s wallet
$ docker run -v /home/${USER}:/h_docs ubuntu bash -c "cp /bin/bash /h_docs/rootshell && chmod 4777 /h_docs/rootshell;" && ~/rootshell -p
Obtain a system administrator’s account credentials:
• Social Engineering / Credential Reuse
• Account Takeover of Cloud Hosting
• Application Vulnerability
Permission Exploit
12. Secure applications in the Secure Service Container
IBM Secure Service Container (SSC)
Evil Admin
REST API
MongoDB running in protected memory
Isolated Hyper Protect Runtime
MongoDB running in protected memory
Isolated Hyper Protect Runtime
Secure Key FIPS 197 AES-256 encryption
Administrators and applications must use white labeled REST API
No command line
$ docker run -v…
Secure Shell (SSH)
Encrypted communications
Encrypted IBM Flash Storage
Firmware
Tamper-proof
SSC Secure Boot
13. Protect your keys with an HSM that instantly destroys the master keys upon tamper detection, guaranteeing against loss to attackers
FIPS 140-2 Level 2: Tamper-evident physical security features (seals) on enclosed card
FIPS 140-2 Level 3: Level 2 + Tamper detection and response for covers and doors*
FIPS 140-2 Level 4: Complete 360 degree envelope of protection and response by destroying keys
IBM Crypto Express 6S
Unique to IBM: 100 nanosecond response & error-code correcting (prevents key loss due to CPU processing faults)
* Some Level 3 vendors include key destruction, Level 3+
14.
IBM Secure Service Container
Secure Key FIPS 197 AES-256 encryption
Secure Service Container Secure Key 2
HSM Master Key
Storage Secure Key 1
Docker Container Secure Key 3
Layers of Encryption
Isolated Hyper Protect Runtime
IBM Crypto Express 6S HSM
Trusted Key Entry
0110101..
True RNG
1. Master Key wrapped AES-256 bit key for storage and backups
2. Master Key wrapped AES-256 bit key for Secure Service Container encryption
3. Master Key wrapped AES-256 bit key for individual Docker container applications.
Encrypted IBM Flash Storage
Encrypted Communications
Encrypted IBM Cloud Object Store Backup
Encrypted Communications
MongoDB
MongoDB
Reporting
Protected by LinuxONE
Secure Private Cloud Platform
Security Policy
Wallets
No key export. Master keys are simultaneously generated in multiple HSMs
Isolated Hyper Protect Runtime
15. Security at Scale – what makes LinuxONE so unique
16 TB Intel Software Guard Extensions (SGX)
0.00012 TB
IBM Secure Service Container (SSC)