Digitally signed or sealed process task data

Hi,
In my experience there may be two aspects to what you want to achieve;

  1. Confidentiality - only those who need access to the data can see the data
  2. Integrity - tamper-evident & non-repudiation…

With regard to 1, encryption is the typical approach. This will likely apply to your process variables (and business data). I've seen two approaches to this.

If you use something like AWS RDS, then you can encrypt the database such that data at rest, e.g. backups, etc., cannot be read without access to the encryption key. Access to the database by DBAs is audited rather than prevented.

The second approach is to perform application-layer encryption. In this case, your process tasks would encrypt and decrypt the data on each access, etc. I've easily done this using client-side script in data entry forms and server-side script tasks. A credible JavaScript crypto library can be found here. The challenge here is managing the crypto keys. Again, a key management service like AWS KMS can be useful… In addition, this thread may be of interest.

With regard to 2, some approaches I've seen are to create a tamper-evident linked list in the audit/history table. Thus, for each history entry, perform a SHA256 hash of the entry's content plus the hash of the prior record and store it with the entry. More secure approaches use, say, an HMAC and/or an external timestamp service.

In the longer term, data encryption and a secure, tamper-evident audit log would make useful feature requests…

regards

Rob