SENSITIVE DATA STORE IN MARIADB

Investigation into MariaDB with Galera Cluster as a secure, scalable solution for sensitive data storage — with a password management case study.

MariaDB, Galera Cluster, Docker, Next.js, Zod

Overview

An advanced databases project assessing MariaDB as a secure, scalable DBMS for sensitive data storage. We investigated MariaDB's architecture in depth — its pluggable storage engine design (InnoDB for ACID-compliant transactional data, ColumnStore for analytics), Galera Cluster for multi-master synchronous replication, and MaxScale for intelligent load balancing. The practical case study implemented a password management system deployed with Docker-containerized Galera Cluster nodes, a Next.js frontend, and comprehensive security measures including Zod input validation, parameterized queries, and TLS-encrypted node communication.

Key Results

  • Replication: Multi-master sync
  • Failover: Automatic
  • SQL Injection: Prevented (Zod)
  • Deployment: Docker Galera
  • ACID: Full compliance
  • Encryption: TLS node-to-node

Methodology

Conducted a three-part investigation: (1) Architectural analysis of MariaDB's SQL layer, storage engines, and ACID compliance, (2) Functionality investigation of Galera Cluster's synchronous replication, MaxScale load balancing, and security features, (3) Case study implementing a password management application with Docker-containerized Galera Cluster, application-level load balancing, and Zod-based input validation to prevent SQL injection.

What We Built

  • In-depth analysis of MariaDB's pluggable storage engine architecture
  • Galera Cluster multi-master synchronous replication for zero-downtime failover
  • Comprehensive SQL injection prevention through Zod validation and parameterized queries
  • Docker-containerized deployment of Galera Cluster nodes
  • Application-level load balancing integrated directly into backend code
  • TLS-encrypted cluster communication for data in transit

Challenges

  • MariaDB lacks extensive documentation for Docker-based Galera Cluster deployments compared to MySQL
  • Traditional connection pooling incompatible with Vercel's serverless functions — required dynamic connection strategy
  • Limited free VM hosting options capable of supporting Galera Cluster requirements
  • Balancing MaxScale's load-balancing capabilities against deployment complexity constraints
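
The application-level load balancing and per-request connection strategy described above can be sketched as follows. This is an added example, not the project's code: the node hosts, the `vault_entries` table, `findEntries` and the injected `connect` function are assumptions, and `connect` is assumed to return a connection exposing promise-returning `query(sql, params)` and `end()`.

```javascript
// Added example. Hosts, table name and the `connect` wrapper are assumptions.
const NODES = [ // constructed sample Galera nodes
  { host: "galera-node1", port: 3306 },
  { host: "galera-node2", port: 3306 },
  { host: "galera-node3", port: 3306 },
];
let cursor = 0; // round-robin position; lives only while the function instance is warm

// Route traffic only to a node Galera reports as Synced; Joining or
// Donor/Desynced nodes may be stale or blocked during state transfer.
async function isSynced(conn) {
  const rows = await conn.query("SHOW STATUS LIKE 'wsrep_local_state_comment'");
  return rows.length === 1 && rows[0].Value === "Synced";
}

// Open one short-lived connection per call (no pool), pick the next healthy
// node, run one parameterized statement, and always close the connection.
async function runOnCluster(connect, sql, params, nodes = NODES) {
  const errors = [];
  const start = cursor++ % nodes.length;
  for (let i = 0; i < nodes.length; i++) {
    const node = nodes[(start + i) % nodes.length];
    let conn;
    try {
      conn = await connect(node);
      if (!(await isSynced(conn))) throw new Error("not Synced");
    } catch (err) {
      errors.push(`${node.host}: ${err.message}`);
      if (conn) await conn.end().catch(() => {});
      continue; // fail over only on connect or health-check failure
    }
    try {
      // Values are bound to ? placeholders, never concatenated into the SQL.
      // A statement error is rethrown, not retried on another node.
      return { node: node.host, rows: await conn.query(sql, params) };
    } finally {
      await conn.end().catch(() => {});
    }
  }
  throw new Error("no Galera node available: " + errors.join("; "));
}

// Hypothetical lookup for the password manager case study.
function findEntries(connect, ownerId) {
  return runOnCluster(connect,
    "SELECT id, label FROM vault_entries WHERE owner_id = ?", [ownerId]);
}
```

Statement errors are deliberately not retried on another node, because a write that failed after reaching the cluster may already have been applied.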

Outcomes

  • Validated MariaDB with Galera Cluster as a viable solution for sensitive data management
  • Demonstrated that application-level load balancing can replace MaxScale in resource-constrained environments
  • Identified key trade-offs between advanced enterprise features and deployment simplicity
  • Architecture proved applicable across healthcare, financial services, and e-commerce sectors
