We're delighted to share that we have released Version 24.1 of the Cloudize API Framework today.
As foreshadowed in our forward-looking statement within the Version 23.3 release notes, the primary focus of this release is the introduction of Field Level Encryption within the framework.
This powerful feature gives developers the ability to leverage MongoDB's CSFLE (Client Side Field Level Encryption) within their API Applications in ways that support key shredding and give them full control of how and when encryption is applied.
For those not familiar with the concept of key shredding, it is essentially a technique in which data within an encryption boundary (e.g. data associated with an entity, such as a customer) is encrypted and decrypted with an encryption key specific to that entity.
To implement the technique properly, the key itself must be stored in a separate database cluster with a distinct and short-lived backup retention policy.
Whilst the backup retention policy associated with the primary database cluster may extend to months or even years, the backup retention policy associated with the database cluster that stores the encryption keys would be much shorter (perhaps a week or two).
Should a customer choose to exercise their right to be forgotten, the data associated with the customer is deleted from the primary database, and the encryption key associated with the customer is deleted from the keys database.
This honours the customer's right to be forgotten within the active dataset (the live database). In addition, within a short period of time (a week or two), once the encryption keys are no longer recoverable from backups, all data associated with the customer within all historical backups is effectively unreadable.
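The mechanism described above, as an added example that is not Cloudize framework code and does not use the MongoDB driver. It assumes two in-memory maps standing in for the primary and keys database clusters and AES-256-GCM from Node's crypto module standing in for CSFLE; the customer ids, values and function names are constructed for illustration.

```javascript
// Added illustration of key shredding; not Cloudize or MongoDB driver code.
const crypto = require('node:crypto');

// Two separate stores standing in for two database clusters (constructed data).
const primaryDb = new Map(); // customerId -> encrypted record; long backup retention
const keysDb = new Map();    // customerId -> 32-byte data key; short backup retention

// Encrypt a value with the customer's own key, creating the key on first use.
function encryptFor(customerId, plaintext) {
  if (!keysDb.has(customerId)) keysDb.set(customerId, crypto.randomBytes(32));
  const iv = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv('aes-256-gcm', keysDb.get(customerId), iv);
  const ct = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  primaryDb.set(customerId, { iv, ct, tag: cipher.getAuthTag() });
}

// Returns the plaintext, or null when the record or the customer's key is gone.
function decryptFrom(records, keys, customerId) {
  const rec = records.get(customerId);
  const key = keys.get(customerId);
  if (!rec || !key) return null;
  const decipher = crypto.createDecipheriv('aes-256-gcm', key, rec.iv);
  decipher.setAuthTag(rec.tag);
  return Buffer.concat([decipher.update(rec.ct), decipher.final()]).toString('utf8');
}

// Right to be forgotten: delete the data and the key from the live stores.
function forget(customerId) {
  primaryDb.delete(customerId);
  keysDb.delete(customerId);
}

function demo() {
  encryptFor('cust-1', 'alice@example.com');
  encryptFor('cust-2', 'bob@example.com');
  const primaryBackup = new Map(primaryDb); // retained for months or years
  let keysBackup = new Map(keysDb);         // retained for a week or two
  forget('cust-1');
  // Inside the key retention window, the old key backup can still recover the data.
  const duringWindow = decryptFrom(primaryBackup, keysBackup, 'cust-1');
  // Once the old key backup expires, only key backups taken after deletion remain.
  keysBackup = new Map(keysDb);
  return {
    duringWindow,
    afterWindow: decryptFrom(primaryBackup, keysBackup, 'cust-1'),
    otherCustomer: decryptFrom(primaryBackup, keysBackup, 'cust-2'),
    ciphertextStillInBackup: primaryBackup.has('cust-1'),
  };
}
```

The `duringWindow` result is why the retention period on the keys cluster sets how long a deleted customer's data remains recoverable from backups.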
Key shredding is a powerful technique that is easily implemented with the functionality within Version 24.1.
Looking ahead, we expect our next major framework release to be version 25.1, which is scheduled for release in Q1 or Q2 of 2025. We're not yet able to commit to the feature targets for this release and expect to make a further statement closer to the time.