Here is a feature comparison for InfinityDB Embedded and MongoDB. Even though MongoDB is entirely different from InfinityDB, we get many requests about it. The InfinityDB Client/Server is entirely different, built on top of the embedded version.
InfinityDB Encrypted Security Features
|Encrypted Data at Rest||100% of the data 100% of the time with selectable AES-128 or AES-256.||Enterprise Atlas Wired Tiger storage engine only. Each node requires a separate key.|
|Integrity Checked Data at Rest||100% of the data 100% of the time with HMAC-SHA256 on every block read||No|
|Per-block, per-write randomization||Independent random encryption ‘initialization vector’, HMAC, and HMAC salt are kept with each block with encrypted, HMAC’ed block number.||No|
|Encrypted Logs||No logs needed||No, but log level and filters may help|
|Encryption re-keying or rotation||Instant password change per database via embedded AES128 key-encryption key||Manual rotation of master only for the keystore|
|Database signing for authentication||Multiple signing per database with embedded X509 certificate trust chains or bare public keys, any signature algorithm, certificate verification, partial signing||None|
|Data Hashing for content ‘fingerprinting’||Fast, over encrypted or unencrypted content using SHA256||None|
|Data Shredding||Instant crypto-shred or fast overwrite of entire databases reliably deletes sensitive data||?|
|Compression of Encrypted Data||Universal full compression to 10x: Variable-length data and blocks, ZLib, UTF-8, common prefixes.||No compression – actually expansion|
InfinityDB Client/Server Security Features
|Secure Data in Motion||Universal SSL/TLS||SSL/TLS. Replication data is unencrypted|
|Authentication||HTTP Basic Auth within TLS pipe||LDAP, SCRAM, Kerberos, Client Certificate. Shards and replica sets need internal authentication|
|Authorization||Users, roles, permissions to databases. Admin via web GUI||Similar. Admin via CLI|
Basic Feature Comparison
- Commercial, closed-source, patented technology. Relies on no other libraries
- All Java
- Embedded, Encrypted, or Client/Server. Fits anywhere: in IoT’s, personal devices, or SaaS servers
- A simple ‘ItemSpace’ data model. Accessible as tables, documents, sets, lists, arrays, objects, blobs, more.
- Data is always sorted on 12 primitive types, with no key/value distinction.
- Component-based applications use provided virtual ItemSpaces
- Embedded ‘metadata’ for dynamic schema evolution
- Documents are of any size determined by prefix, individual operations are fine-grain
- Pattern queries are declarative, syntax-free, and re-usable as regular dbms data, with select/project/join.
- Backend web server for secure administration and secure graphical database browsing and editing
- Transparently remote databases
- Universal data compression
- Transactions are ACID compliant, covering multiple disjoint data subsets at any scale
- No extra processes required
- No administration when Embedded, but security in Client/Server may need admin.
- Single encrypted file, so data is portable, not in a dedicated cluster. No log. Server handles multiple files.
- Fast – reaches 1MOp/sec cached. Natural sorted data locality improves cache effectiveness
- Multi-core for all operations
- No operational cost, single update subscription
- Non-permissively licensed Open-Source NoSQL DBMS based on AGPL (later, modified to the SSPL). Applications are considered ‘separate works’.
- ‘BSON’ Documents are limited to 16MB, are accessed as units.
- Scalable, using hashed sharding, so it’s used primarily for big data in clusters
- Replication for high availability
- Each non-cached point access requires a network round-trip.
- Transactions apply only to single documents handled in one update operation until v4.2.
- Unique query language is non-user friendly. No joins.
- Memory usage is high, because data tends to be stored in multiple places. No compression
- Many ‘agents’, ‘daemons’, and ‘service’ processes
- Not zero-administration
- Not appropriate for small environments such as inside IoT’s or personal devices
- Practically fixed in a single set of servers. Backups require further servers
- Pricing depends on resources consumed and plan