CipherStash Documentation

While CipherStash uses a lot of common terms and concepts that you’re already familiar with, some words and phrases are uniquely... Stashian. We’ve produced this glossary to explain anything that might not be quite what you’re used to.


A set of sources that have a similar structure and access pattern. Indexes are defined in collections to facilitate retrieval on fields other than the unique source ID. It is analogous to a table in an RDBMS.


The means by which CipherStash is able to search a collection of sources. In many databases, you can search on any field, and an index is a performance optimisation. However in CipherStash, you can only search against fields that have been indexed, because the database cannot see the source directly, because everything (including the indexes) are encrypted. At present, indexes can only be created at collection definition time.


A set of (usually related) collections. CipherStash’s access control is at that workspace level (for now), so data in separate security domains should be kept in separate workspaces. It is roughly analogous to a database (or “schema”) in an RDBMS.


The basic entity which is stored in and retrieved from a CipherStash datastore. A source, from the perspective of CipherStash itself, is an opaque blob of encrypted data. Index terms provided when the source is inserted (or updated) allow it to be queried for and retrieved. It is (very roughly) analogous to a row in an RDBMS.