Cybersecured Database designed for Data Loss Prevention
that Developers, Administrators, Cybersecs and Managers love ♥
For Developers
- quick start for newjoiners, easy software development
- clean, readable and maintanable code of your apps, while keeping them secure
- works on schemaless JSON (schema is an option, not requirement)
- automatic data conflicts resolution (as an option)
- observable data streams - watch for changes
For IT Administrators
- quick and easy setup
- secured by default
- consistent data without clustering (no split-brain problems)
- can work on existing infrastructure and stack
- easy backup (filesystem snapshot)
- both On-Premise-friendy and Cloud-friendly
For Cybersec Specialists
Reduce negative effects of the following attacks:- database or application server hack
- infrastructure/hosting/cloud provider hack
- lost/stolen backup
- internal threat (including IT administrators and programmers)
For Business Managers
- security first
- low-cost deployment
- better data protection
- auditable history that is hard to tamper
- quicker and cheaper development
- be more compliant with General Data Protection Regulation (GPDR) and California Privacy Rights Act (CPRA)
Introduction
SecuDB is an open-source secure by default database that stores encrypted JSON data using signed chain-like structure (log of changes stored as interconnected previous-next list of records) in a filesystem-based storage, including NAS (CIFS/SMB/Samba) or AWS S3.
Features
Auditable
SecuDB stores metadata about changes including audit trail and keeps whole history, that helps to answer important questions: Who? When? What? Why?Schemaless or Schema-based
SecuDB is a NoSQL schemaless database that natively handles JSON data, which makes it very easy to integrate with any new or existing application. But it's possible to add optional schema layer on top of it in Enterprise edition.Events, Entities, Files...
SecuDB can be used both to store Events (standalone unmodifiable occurences), versioned Entities/Objects (modifiable structures) and Files (blobs). So you can use SecuDB in an Event-Sourcing way or as a Object/Document Store or as a versioned File Store that allows to apply modifications while keeping whole changelog - however you like. You can even mix all the ways!Encryption & Signatures
- Node (Server or Embedded Engine) is chain-linking all new records with previously stored and signing it using node's signature private key
- Uses AES-256 encryption to transform data before saving in the storage (symmetric key shared accross nodes)
- Optionally it is possible to turn on end-to-end encryption for clients
- Optionally it is possible to turn on and enforce signatures by clients
Optimistic Locks and Auto-Merge
SecuDB supports both optimistic locking (will cancel the transaction if there was concurrent change) and automatic conflicts resolution mechanism by merging changes to the stored version of an Entity. Again, You choose! With SecuDB it is easier to create applications that allows offline modifications.Huge blobs and deduplication
For data deduplication and making sure that the large binaries (files) or immutable parts won't be transferred multiple times, SecuDB implements its own Blobs managing mechanism. Blobs are defined as attachments/relations for Events and Entities. And you can also store versioned files with meta properties as specific Entities!REST API and GraphQL
To easily integrate with frontend code, SecuDB provides REST API and basic schemaless GraphQL support. Be aware that client signatures and end-to-end encryption may require usage of dedicated SecuDB Client Library.Storages
- In-Memory
- Local filesystem
- NAS (CIFS/SMB/Samba)
- AWS S3 or compatible
... and even more soon
Supported Languages
- JVM (Java, Kotlin, Scala) - the Engine and JVM Client natively implemented in Java
- JavaScript/TypeScript client - should work fine for web applications and SPA (JS/Vue/Angular/React), hybrid mobile applications (Cordova/Ionic) and desktop applications (Electron, NW.js), as also in Javascript-based servers and command-line tools (Node.js)
... and even more soon
Transactional
SecuDB supports transactional changes (e.g. to perform atomitic modification of two separate Entities). Even without complex transactions it ensures that a single Entity is modified atomitically.Two-Phase Commits
SecuDB allows to implement two-phase commit flow to orchestrate multiple changes in distributed systems. Precommit tries to temporarily commit current transaction state and, until specified deadline, locks elements that were used in the transaction (in shared read or exclusive read/write mode) to ensure that no other commit will overwrite them.Resumable Commits
Transactions may be temporarily commited (precommited) and resumed even on another machine using it's transaction identifier. Until specified deadline, locks will be kept for elementes used in the transaction.Open Source
Most of SecuDB source code has been written in Java and made publicly available as Open Source in GitHub. Additionally, client libraries in different languages are also available.Run Server or Embed Engine (JVM)
SecuDB Engine can be embedded into any Java application (server, desktop, command-line) so there is no need to start additional server. Embedded Engine works as a single node. Multiple nodes (Engines or Servers) may run in parallel on the same storage without awareness of themselves and without any worry about data consistency (as long as underlying storage supports atomic operations).Java JPA Support
Optional SecuDB Persistence module implements subset of Jakarta Persistence API (formerly Java Persistence API) to support transactional handling on POJOs (Plain Old Java Objects) in a easy and standardized way. It automatically handles relations between Entities and stores blobs from marked fields! It should be easy to migrate any JPA-based application, as also to speed up new development in Java. Read more...Getting started
Visit project at GitHub: github.com/SecuDB/secudb for more details, setup instructions and examples.
SecuDB Editions
Feature | Community edition |
Enterprise edition |
Cloud / Hosting edition |
---|---|---|---|
Secure using encryption and signatures | |||
Transactional | |||
Basic Authentication | |||
JWT (Json Web Token) Authentication | |||
Authorization (restrict who can do what) | |||
Web Administration Interface | |||
Monitoring Tools | |||
Professional Support (email & phone) | |||
Multi-Tenant | |||
Dynamic Configuration | |||
Quotas and Statistics API | |||
Proactive Automated ASAP+ Support |
Community edition is free for both personal and commercial use (LGPL 3).
Interested in Enterprise or Cloud / Hosting edition? Contact us!
Interested in Enterprise or Cloud / Hosting edition? Contact us!