Codenotary Trustcenter Blog

Why You Should Use an Immutable Database To Share Structured Data

Written by Moshe | Jul 10, 2023 3:23:51 PM

In today's age of pervasively active bad actors, data security and privacy have become the number one criteria when implementing business solutions. When it comes to sharing data, there are different approaches that can be taken to ensure its confidentiality and integrity. Until today the traditional approach to protected shared data by means of encryption mechanisms such as GPG or other public/private key approaches.

However, in recent years a new technology approach has come up to share structured data securely by using an immutable data store, like immudb Vault (see https://vault.immudb.io). 

While both approaches aim to protect data, they differ substantially.  While encryption protects data from prying eyes, immutable databases protect data from tampering. In this blog post, we will explore the difference between sharing encrypted data and using an immutable data store to share data.

Sharing Encrypted Data

Encryption is a widely used technique to secure data during transmission by converting plain text into ciphertext using an encryption algorithm and a secret key. Technologies like GPG and other private/public key schemes are often used. The encrypted data can only be decrypted and accessed by authorized parties who possess the corresponding decryption key. When transmitting encrypted data, the data remains protected even if it falls into the wrong hands.

Even if the data is intercepted or accessed by unauthorized individuals, they will not be able to decipher its contents without the decryption key. This makes sharing encrypted data an effective method for transmitting sensitive information, such as personal data, financial records, or trade secrets.

However, sharing encrypted data also has its limitations. It requires the sender and recipient to have a secure channel for exchanging encryption keys. If the encryption keys are compromised or mishandled, the data's security can be compromised. Also, the sender and receiver must somehow transmit keys before transmitting data. With some technologies, previously sent data cannot be recovered with newly changed keys, so a list of previous keys much be kept. 

Additionally, sharing encrypted data can be cumbersome, as both parties need to have the necessary encryption and decryption tools or software, as well as providing secure key management software solutions. 

Using an Immutable Data Store

An immutable data store such as immudb Vault, on the other hand, is a storage system that prevents any modifications or deletions to the stored data. Once data is written to an immutable data store, it becomes fixed and cannot be altered. Cryptographic techniques, such as hash functions and digital signatures, are used to to guarantee the integrity of all previously stored data records in the database. This ensures the consistency and authenticity of the data, as any changes or tampering attempts would be immediately detectable.

Unlike blockchains, immutable data vaults can store all kinds of data such as business records, whole applications, media files and even videos. Also unlike blockchains, immutable data vaults can process millions of records per second. 

One of the main reasons why organizations use an immutable data store is the auditable trail of data changes. Every modification or addition to the data is recorded and can be traced back to its source. This makes it ideal for scenarios where data provenance and accountability are important, such as in financial transactions or supply chain management.

Quite often businesses encrypt their data which is then stored in an immutable data store such as immudb vault. This way, the data is protected during the transmission and also at rest, which results in end to end security for their most critical data. 

Conclusion:

In summary, sharing encrypted data and using an immutable data store are two distinct approaches to secure data sharing, which complement each other very well. Encryption focuses the confidentiality of the data and ensuring that only authorized parties can access it. On the other hand, using an immutable data store emphasizes data integrity and immutability, making it ideal for scenarios where data consistency and transparency are critical. Both should be used together for maximum protection. 

Code Example

Here is an example of code that accomplishes both the encryption and the storing of a document inside immudb vault:

https://gist.github.com/vchaindz/a213c2030993b2ddea006f65851bc76b