Creating and accessing Encrypted database in OrientDB using the graph APIs

OrientDB supports encrypting database content to prevent unauthorized users from accessing the data.
The encryption support is available from version 2.2.

To create/access an encrypted database, we need to provide a base64 encoded encryption key. OrientDB supports encryption at a database level and each database can be encrypted with different key.

We can choose one of the algorithms for encryption :-
1. AES
2. DES


Set the encryption information in the OGlobalConfiguration.

// For Java 6 and below we do not have the 'PBKDF2WithHmacSHA256' algorithm embedded, 
// so we have to explicitly specify a different one like PBKDF2WithHmacSHA1 for compatibility 
// with lower java versions.

// Set the algorithm as AES
// Set the base64 encoded Encryption key. We have used the base64 representation 
// of the key - 'ThisIsASampleKey' 

Connect to the database using graph the APIs.

//This will create/open the encrypted database and return a OrientTransactionalGraph instance
OrientGraphFactory ogf = new OrientGraphFactory("plocal:./mytestdb", "admin", "admin");
OrientTransactionalGraph og = ogf.getTx();

Now we can use the OrientTransactionalGraph instance to access the encrypted database.


Leave a Reply

Your email address will not be published. Required fields are marked *