3 Designing Secure Highly Available (HA) Applications

Berkeley DB includes support for building highly available applications based on replication.

Berkeley DB replication groups consist of a certain number of independently configured database environments. There is a single master database environment and one or more client database environments. Master environments support both database reads and writes; client environments support only database reads. If the master environment fails, applications may upgrade a client to be the new master. The database environments might be on separate computers, on separate hardware partitions in a non-uniform memory access (NUMA) system, or on separate disks in a single server.

As always with Berkeley DB environments, any number of concurrent processes or threads may access a database environment. In the case of a master environment, any number of threads of control may read and write the environment, and in the case of a client environment, any number of threads of control may read the environment.

If encryption is desired in a replicated application, all sites in the replication group must use encryption. For the base replication product, you must design a secure application: the application itself must provide whatever security policies are needed. The use of a secure transport is strongly recommended because some log and database information is transmitted between sites in unencrypted form. For example, the application may encrypt the data it sends, run its transport over the Secure Sockets Layer (SSL), or do nothing at all. The level of security is left to the sole discretion of the application.