Here are feature comparisons for InfinityDB and other databases. We will add more here later. Even though MongoDB is entirely different from InfinityDB, we get many requests about it.
InfinityDB Encrypted Security Features
|Encrypted Data at Rest||100% of the data 100% of the time with selectable AES-128 or AES-256.||Enterprise Atlas Wired Tiger storage engine only. Each node requires a separate key.|
|Integrity Checked Data at Rest||100% of the data 100% of the time with HMAC-SHA256 on every block read||No|
|Per-block, per-write randomization||Independent random encryption ‘initialization vector’, HMAC, and HMAC salt are kept with each block with encrypted, HMAC’ed block number.||No|
|Encrypted Logs||No logs needed||No, but log level and filters may help|
|Encryption re-keying or rotation||Instant password change per database via embedded AES128 key-encryption key||Manual rotation of master only for the keystore|
|Database signing for authentication||Multiple signing per database with embedded X509 certificate trust chains or bare public keys, any signature algorithm, certificate verification, partial signing||None|
|Data Hashing for content ‘fingerprinting’||Fast, over encrypted or unencrypted content using SHA256||None|
|Data Shredding||Instant crypto-shred or fast overwrite of entire databases reliably deletes sensitive data||?|
|Compression of Encrypted Data||Universal full compression to 10x: Variable-length data and blocks, ZLib, UTF-8, common prefixes.||No compression – actually expansion|
InfinityDB Client/Server Security Features
|Secure Data in Motion||Universal SSL/TLS||SSL/TLS. Replication data is unencrypted|
|Authentication||HTTP Basic Auth within TLS pipe||LDAP, SCRAM, Kerberos, Client Certificate. Shards and replica sets need internal authentication|
|Authorization||Users, roles, permissions to databases. Admin via web GUI||Similar. Admin via CLI|
Basic Feature Comparison
- Commercial, closed-source, patented technology. Relies on no other libraries
- All Java
- Embedded, Encrypted, or Client/Server. Fits anywhere: in IoT’s, personal devices, or SaaS servers
- A simple ‘ItemSpace’ data model. Accessible as tables, documents, sets, lists, arrays, objects, blobs, more.
- Data is always sorted on 12 primitive types, with no key/value distinction.
- Component-based applications use provided virtual ItemSpaces
- Embedded ‘metadata’ for dynamic schema evolution
- Documents are of any size determined by prefix, individual operations are fine-grain
- Pattern queries are declarative, syntax-free, and re-usable as regular dbms data, with select/project/join.
- Backend web server for secure administration and secure graphical database browsing and editing
- Transparently remote databases
- Universal data compression
- Transactions are ACID compliant, covering multiple disjoint data subsets at any scale
- No extra processes required
- No administration when Embedded, but security in Client/Server may need admin.
- Single encrypted file, so data is portable, not in a dedicated cluster. No log. Server handles multiple files.
- Fast – reaches 1MOp/sec cached. Natural sorted data locality improves cache effectiveness
- Multi-core for all operations
- No operational cost, single update subscription
- Non-permissively licensed Open-Source NoSQL DBMS based on AGPL (later, modified to the SSPL). Applications are considered ‘separate works’.
- ‘BSON’ Documents are limited to 16MB, are accessed as units.
- Scalable, using hashed sharding, so it’s used primarily for big data in clusters
- Replication for high availability
- Each non-cached point access requires a network round-trip.
- Transactions apply only to single documents handled in one update operation until v4.2.
- Unique query language is non-user friendly. No joins.
- Memory usage is high, because data tends to be stored in multiple places. No compression
- Many ‘agents’, ‘daemons’, and ‘service’ processes
- Not zero-administration
- Not appropriate for small environments such as inside IoT’s or personal devices
- Practically fixed in a single set of servers. Backups require further servers
- Pricing depends on resources consumed and plan