This is a recurring issue. The Hitachi solution will encrypt individual _tokens_ in the index, even with different keys for different users. However, the price is functionality.
Take wildcards. The Hitachi solution doesn’t solve this, the problem is basically intractable. Consider the words run, running, runner, and runs. A search for run* has to match all those words, and an encryption algorithm that encodes the first three letters identically is trivially breakable. People do as you are, put the index on an encrypting filesystim if encryption-at-rest is sufficient. My personal take is that if a hacker has unrestricted access to the memory on your Solr servers and could read the unencrypted index, Solr is only one of many problems you have. Best, Erick > On Jun 25, 2019, at 8:40 AM, Alexandre Rafalovitch <arafa...@gmail.com> wrote: > > No index encryption in the box. I am aware of a commercial solution but no > details on how good or what the price is: > https://www.hitachi-solutions.com/securesearch/ > > Regards, > Alex > > On Tue, Jun 25, 2019, 11:32 AM Ahuja, Sakshi, <ahuj...@upmc.edu> wrote: > >> Hi, >> >> I am using solr 6.6 and want to encrypt index for security reasons. I have >> tried Windows FS encryption option that works but want to know if solr has >> some inbuilt feature to encrypt index or any good way to encrypt solr index? >> >> Thanks, >> Sakshi >>
