Identity Panel Azure Marketplace Edition™ is a multi-tenant product hosted in Microsoft Azure data centers in the USA, Ireland, England, and Australia. Each instance is an Identity Panel farm. The farms are built from classes. The Apollo Class uses MongoDB (future classes may use Microsoft Cosmo and will be covered in a separate KB).
Each Apollo farm tenant receives their own MongoDB database. Customers may have multiple tenants on separate instances (see architecture documents). Communication from the Identity Panel Core Framework application to the MongoDB is encrypted and authenticated using SCRAM-SHA-1.
From the docs.mongodb.com website...
https://docs.mongodb.com/manual/core/security-scram-sha-1/#scram-sha-1-advantages
SCRAM-SHA-1 Advantages¶
MongoDB’s implementation of SCRAM-SHA-1 represents an improvement in security over the previously-used MONGODB-CR, providing:
- A tunable work factor (
iterationCount), - Per-user random salts rather than server-wide salts,
- A cryptographically stronger hash function (
SHA-1rather thanMD5), and - Authentication of the server to the client as well as the client to the server.
The Keys are stored securely using Microsoft Azure key vault.
Comments
0 comments
Please sign in to leave a comment.