Client-side encryption capabilities with KeyVault integration

[mschmieder]

User story Reading through the currently available documentation, it is not clear if there is any encryption mechanism provided that is suitable for handling PHI. In order to use this promising backend service we would need some client-side encryption mechanisms for the AzureBlobStorage as well as for the SQL Server.

For the Blob-Storage the Standard encryption with KeyVault integration that is available within the dotnet-stack would be sufficient https://docs.microsoft.com/en-us/azure/storage/common/storage-client-side-encryption?tabs=dotnet

For the database-side using SQL Always Encrypted would be the preferred way of handling PHI. https://docs.microsoft.com/en-us/sql/relational-databases/security/encryption/always-encrypted-database-engine?view=sql-server-ver15

Are there any plans to integrate this into this project?

[Kiechlus]

Any news on this feature? Would be great to have it.

[StevenBorg]

@Kiechlus and @mschmieder, I apologize for the delay. Let me look into this more closely and get back to you. Thanks for your patience, and thank you so much for taking the time to comment and provide feedback.

[smithago]

close as stale

[KarlKl]

I am also interested in this feature. Has this feature been implemented in the meantime? Or is it supported by default?