While CipherStash uses a lot of common terms and concepts that you’re already familiar with, some words and phrases are uniquely... Stashian. We’ve produced this glossary to explain anything that might not be quite what you’re used to.
A set of records that have a similar structure and access pattern. Indexes are defined in collections to facilitate retrieval on fields other than the unique record ID. It is analogous to a table in an RDBMS.
The means by which CipherStash is able to search a collection of records. In many databases, you can search on any field, and an index is a performance optimisation. However in CipherStash, you can only search against fields that have been indexed, because the database cannot see the record directly, because everything (including the indexes) are encrypted. At present, indexes can only be defined when a collection is created.
The set of configuration parameters that define how to connect and use a CipherStash workspace.
These parameters include authentication details, service and workspace names, as well as details about how to access the cryptographic keys used to encrypt and decrypt your data.
Typically profile parameters are either specified via environment variables, or via files stored under
See also: Schema Defintion.
The basic entity which is stored in and retrieved from a CipherStash datastore. A record, from the perspective of CipherStash itself, is an opaque blob of encrypted data. Index terms provided when the record is inserted (or updated) allow it to be queried for and retrieved. It is (very roughly) analogous to a row in an RDBMS.
A set of (usually related) collections. CipherStash’s access control is at that workspace level (for now), so data in separate security domains should be kept in separate workspaces. It is roughly analogous to a database (or “schema”) in an RDBMS.