Hi Manish,
Thanks for moving over the DGraph security discussion as this is a better place to talk about this idea.
At this time, I would rather discuss with you, off-forum, the specifics of the project as it is still in the molding state but is starting to form well based upon projects like DGraph.
As to the security concerns, in my initial basic testing of the single-instance dgraph example (I plan to set up a distributed multi-instance across 2 physical servers for testing over the next couple of days) I found in my first setup that you can easily add information to the graph database with simple “curl” and POST commands, which is great, but as this system is to be physically spread out I need to be able to ensure that only specific users can read/write to any of the nodes.
The TLS communications might be very useful to help protect against the man-in-the-middle attack as you have mentioned but I also wonder about latency with this approach.
The idea of an ACL layer might be very useful as well even if a simple one to get things moving along since I could see needing this before a live system is ready.
Your current demo (https://dgraph.io/ - which is very nice by the way and is what I am going to replicate this weekend if I get time) is very functional, but given that curl POST can be utilized, I do not see how you can protect the demo data from becoming corrupt by someone sending information into the dgraph database and some kind of basic protection seems warranted.
Anyway, maybe we can talk more about my specific project and how we can work together but I do see great potential for DGraph and its use in this way.
Cheers,
Lonnie