Difference between revisions of "Projects/OWASP VaultDB Project"

From OWASP
Jump to: navigation, search
Line 28: Line 28:
 
Home page : [http://www.vaultdb.org VaultDB]
 
Home page : [http://www.vaultdb.org VaultDB]
  
Online repo : [http://github.com/mrshadow/VaultDB Github]
+
Online repo : [http://github.com/zalg/VaultDB Github]
  
  

Revision as of 13:48, 21 January 2014

PROJECT INFO
What does this OWASP project offer you?
RELEASE(S) INFO
What releases are available for this project?
what is this project?
Name: OWASP VaultDB Project
Purpose: VaultDB is a secure NoSQL database management system (DBMS) for modern applications. It supports multi-recipient encryption, table-level encryption, group encryption and comes loaded with a strong cryptosystem.

VaultDB adds automatic transparent encryption to your application's data at the table/document level. Instead of using it's own internal storage engine, VaultDB stores the encrypted data inside your prefered DBMS for storage.

It's design is made to provide developers with a solid method for integrating strong cryptography inside applications and databases, secure data using NoSQL-like transactions while avoiding encryption design flaws.

Cryptography is hard and implementation mistakes can quickly render any encryption scheme useless and insecure.

VaultDB was designed with these facts in mind and aim at ensuring proper security through open verifiability of it's cryptosystem's implementation.




This project can protect your application from 4 out of 10 critical security risks in the OWASP Top Ten Most Critical Web Application Security Risks from OWASP_Top_Ten_Project.

  • A1 Injection
  • A2 Broken Authentication and Session Management (was formerly A3)
  • A5 Security Misconfiguration (was formerly A6)
  • A6 Sensitive Data Exposure (merged from former A7 Insecure Cryptographic Storage and former A9 Insufficient Transport Layer Protection)




Home page : VaultDB

Online repo : Github



License: Modified BSD, 3-clause License (we recommend you consider Apache 2.0 instead of this licnese. It is more up-to-date and provides a little more protection from software patent lawsuits)
who is working on this project?
Project Leader(s):
  • Maxime Labelle @
how can you learn more?
Project Pamphlet: Not Yet Created
Project Presentation:
Mailing list: Mailing List Archives
Project Roadmap: View
Key Contacts
  • Contact Maxime Labelle @ to contribute to this project
  • Contact Maxime Labelle @ to review or sponsor this project
  • Contact the GPC to report a problem or concern about this project or to update information.
current release
Not Yet Published
last reviewed release
Not Yet Reviewed


other releases