Thank you so much On 10/20/17, Stefan Podkowinski <s...@apache.org> wrote: > I've been recently looking into how we could improve security in > Cassandra by integrating external solutions. There are very interesting > projects out there, such as Vault[0], but also a growing list of > security related APIs offered by cloud providers. > > Today Cassandra can already be customized by using different > authenticators. We also have a really nice role based access model. But > there are other parts of Cassandra that are simply painful to work with, > such as certificate management for SSL, or anything related to local > keystores. No one wants to deal with that. Wouldn't it be cool to have > automated, build-in certificate management instead? That's what got me > started to work on CASSANDRA-13971. > > Some cloud providers and solutions like Vault also offer key management > features that we could use for data-at-rest encryption. Same for > identity services and authentication. > > I'm going to start working on some ideas[1] how we could integrate Vault > for certificate management, data-at-rest encryption and authentication. > But I'd really like to see support for cloud platforms as well. It would > be great to hear some other opinions and suggestions on that, especially > from people who already have been worked with e.g. AWS KMS, AWS cert and > identity manager, or related GC / Azure service. Also, where can we > improve to make Cassandra more secure by default in general? > > [0] https://www.vaultproject.io > [1] > https://docs.google.com/document/d/1D8Td_M9wG7_kD0za-AlM_e524cFj2VnbU3mSYpAkViQ/edit?usp=sharing > > --------------------------------------------------------------------- > To unsubscribe, e-mail: dev-unsubscr...@cassandra.apache.org > For additional commands, e-mail: dev-h...@cassandra.apache.org > >
-- Lutaaya Shafiq Web: www.ronzag.com | i...@ronzag.com Mobile: +256702772721 | +256783564130 Twitter: @lutayashafiq Skype: lutaya5 Blog: lutayashafiq.com http://www.fourcornersalliancegroup.com/?a=shafiqholmes "The most beautiful people we have known are those who have known defeat, known suffering, known struggle, known loss and have found their way out of the depths. These persons have an appreciation, a sensitivity and an understanding of life that fills them with compassion, gentleness and a deep loving concern. Beautiful people do not just happen." - *Elisabeth Kubler-Ross* --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@cassandra.apache.org For additional commands, e-mail: dev-h...@cassandra.apache.org
