DOCSP-21649 Add CSFLE terms to glossary (#1283)

ianf-mongodb · web-flow · commit e0e68a2f0252 · 2022-06-29T15:00:37.000-04:00
* DOCSP-21649 Add CSFLE terms to glossary * update definitions * update * build e * CR1 Feedback * caps * TR1 Feedback * TR2 Update Customer Master Key Definition
diff --git a/source/reference/glossary.txt b/source/reference/glossary.txt
@@ -174,6 +174,10 @@ Glossary
       :ref:`clustered index <db.createCollection.clusteredIndex>` key.
       See :ref:`clustered-collections`.
 
+   CMK
+      Abbreviation of Customer Master Key, see 
+      :term:`Customer Master Key`.
+
    collection
       A grouping of MongoDB :term:`documents <document>`. A collection
       is the equivalent of an :term:`RDBMS` table. A collection exists
@@ -247,6 +251,11 @@ Glossary
       the end or timeout of the session. 
       See :ref:`read-operations-cursors`.
 
+   Customer Master Key
+      A key that is used to encrypt your :term:`Data Encryption Key`. 
+      The customer master key should be hosted in a remote key 
+      provider.
+
    daemon
       The conventional name for a background, non-interactive
       process.
@@ -255,6 +264,12 @@ Glossary
       The file-system location where the :binary:`~bin.mongod` stores data
       files. The :setting:`~storage.dbPath` option specifies the data directory.
 
+   Data Encryption Key
+      A key you use to encrypt the fields in your MongoDB 
+      documents. The **encrypted** Data Encryption Key is stored in your 
+      Key Vault collection. The Data Encryption Key is 
+      encrypted by the :term:`Customer Master Key`.
+
    data partition
       A distributed system architecture that splits data into ranges.
       :term:`Sharding <sharding>` uses partitioning. See
@@ -302,6 +317,10 @@ Glossary
       databases) or updates that have unforeseen effects on the
       production database. See :ref:`replica-set-delayed-members`.
 
+   DEK
+      Abbreviation of Data Encryption Key, see 
+      :term:`Data Encryption Key`.
+
    document
       A record in a MongoDB :term:`collection` and the basic unit of
       data in MongoDB. Documents are analogous to :term:`JSON` objects
@@ -343,6 +362,13 @@ Glossary
       January 1st, 1970 at 00:00:00 UTC. Commonly used in expressing time,
       where the number of seconds or milliseconds since this point is counted.
 
+   Envelope Encryption
+      An encryption practice where data is encrypted using a 
+      :term:`Data Encryption Key` and the data encryption key is 
+      encrypted by another key called the :term:`Customer Master Key`.
+      Encrypted keys are stored within a MongoDB collection referred to
+      as the KeyVault as :term:`BSON` documents.
+
    eventual consistency
       A property of a distributed system that allows changes to the
       system to propagate gradually. In a database system, this means
@@ -536,6 +562,11 @@ Glossary
       :term:`JSON` with Padding. Refers to a method of injecting JSON
       into applications. **Presents potential security concerns**.
 
+   Key Vault Collection
+      A MongoDB collection used to store the encrypted 
+      :term:`Data Encryption Keys <Data Encryption Key>` as 
+      :term:`BSON` documents.
+
    least privilege
       An authorization policy that gives a user only the amount of access
       that is essential to that user's work and no more.
