Eventsourcing Patterns: Throw Away the Key

Written by Mathias Verraes - - Aggregated on Monday May 13, 2019

Throw Away the Key

Encrypt sensistive information in an event and delete the key.

Problem

The problem is the same as for Forgettable Payloads: some attributes of an event should not be read by all consumers, and we should be able to delete them, without touching the event store.

Solution

Encrypt the sensitive attributes, with a different encryption key for each resource (such as a customer). Only give the key to consumers that require it. When the sensitive information needs to be erased, delete the encryption key instead, to ensure the information can never be accessed again. This effectively makes all copies and backups of the sensitive data unusable.

The Throw Away the Key pattern is of course only as good as your encryption and your keey management practices.

Eventsourcing Patterns

  1. Forgettable Payloads
  2. Throw Away the Key

Intrigued? I teach workshops about DDD for Messaging Architectures.


« Own Your Narrative - Eric L. Barnes

Mathias Verraes - Eventsourcing Patterns: Forgettable … »