mirror of
https://github.com/bigchaindb/bigchaindb.git
synced 2024-10-13 13:34:05 +00:00
8090a35676
* Problem: Docs should say more about how to handle privacy & private data Solution: Write a new docs page about that * Problem: Server docs say little re/ prod. node security & privacy Solution: Create a new docs page, "Production Node Security & Privacy" * Address initial comments from @gautamdhameja
956 B
956 B
Production Node Security & Privacy
Here are some references about how to secure an Ubuntu 18.04 server:
- Ubuntu 18.04 - Ubuntu Server Guide - Security
- Ubuntu Blog: National Cyber Security Centre publish Ubuntu 18.04 LTS Security Guide
Also, here are some recommendations a node operator can follow to enhance the privacy of the data coming to, stored on, and leaving their node:
- Ensure that all data stored on a node is encrypted at rest, e.g. using full disk encryption. This can be provided as a service by the operating system, transparently to BigchainDB, MongoDB and Tendermint.
- Ensure that all data is encrypted in transit, i.e. enforce using HTTPS for the HTTP API and the Websocket API. This can be done using NGINX or similar, as we do with the BigchainDB Testnet.