In today’s mobile-driven world, there’s an expectation that apps should always work – with and without an internet connection. Delivering on this expectation requires access and storage of decentralized data directly on device. This is very different from just a few years ago when most data was exclusively stored centralized in the cloud.

Managing decentralized data introduces a number of security risks that are critical to manage. While addressing these risks may be difficult, not addressing them puts mobile users and their data at risk.

Specifically, there are five key security concerns when working with data storage and transport:

  • User Authentication
  • Data Read/Write Access
  • Data Transport on the Wire
  • Data Storage on Device
  • Data Storage in the Cloud

​Couchbase Mobile resolves each of these concerns.

For User Authentication we support pluggable authentication. Out of the box we have support for popular public login providers like Facebook, standard OpenID Connect (OIDC) providers, and you can write your own custom provider. You can also restrict access to the system to successfully authenticated users or optionally allow anonymous users.

For Data Read/Write Access there are fine-grained policy tools that allow controlling data access for individual users and roles. Read-side permissions are at the document level and write-side permissions are down to the field level.

Data Transport on the Wire, for data in motion, is over TLS.

Data Storage on Device, for data at rest on device, uses the device’s built in File System Encryption and 256-bit AES full database encryption.

Data Storage in the Cloud, for data at rest in the cloud, you can configure Couchbase Server to use File System Encryption.

Couchbase Mobile allows you to easily manage your data throughout the full network and application stack. This includes storage, access, synchronization, and security in the cloud, on phones, on and tablets, on the web, on your TV, in your car, and everywhere else.

You can learn more and get started with Couchbase Mobile at developer.couchbase.com/mobile.

Posted by Wayne Carter, Chief Architect, Mobile, Couchbase

Wayne Carter is the Chief Architect of Mobile at Couchbase, where he is responsible for leading the vision, strategy, and development for the company's mobile solutions. Before joining Couchbase, Wayne spent 7 years at Oracle as the architect responsible for driving mobile innovation within the CRM and SAAS product lines. He has 10 patents and patents pending from his work there. Prior to his time at Oracle, Wayne held technical leadership positions at Siebel working on their CRM product line.

Leave a reply