> For instance, way AAA (authentication, authorization, audit) is done, doesn't 
> allow for centralized account and access control management, which in reality 
> translates into shared accounts and no hierarchy. 

Authentication and Authorization are both pluggable. Any organization can write 
their own, and tie it to any AAA system they currently have. If they were 
feeling generous, they could open source it for the community, and perhaps 
bring it upstream. There’s nothing fundamentally preventing your organization 
from writing an Authenticator 
(https://github.com/apache/cassandra/blob/trunk/src/java/org/apache/cassandra/auth/IAuthenticator.java) 
or Authorizer 
(https://github.com/apache/cassandra/blob/trunk/src/java/org/apache/cassandra/auth/IAuthorizer.java) 
if they were so inclined.

Audit is something that’s being actively discussed 
(https://issues.apache.org/jira/browse/CASSANDRA-8844).

It’s an open source project with a very small number of commercial vendors. In 
general, that means there are 3 options:

1. Wait for someone else to write it to fit their need, and hopefully they open 
   source it. 
2. Write it yourself.
3. Pay a vendor (such as Datastax), and let them know in advance it’s a 
   requirement to get it on their roadmap. This is really #2 with some polish to 
   make it easier to get through your legal/AP systems.

> So far it doesn't work quite well, and from what you are saying, it wouldn't, 
> because of a lack of knowledge and a lack of motivation to get it. What would 
> be your suggestion? Who is capable of answering my questions? Is there another 
> community I should turn to?

The cassandra-user and cassandra-dev mailing lists are the primary sources of 
knowledge outside of support contracts. For paid support, companies like 
Datastax and The Last Pickle tend to be well respected options. Both of those 
companies will probably answer some of your questions for free if you post on 
these mailing lists. They’ll likely answer even more if you pay them.



From:  oleg yusim
Reply-To:  "user@cassandra.apache.org"
Date:  Friday, January 29, 2016 at 9:16 AM
To:  "user@cassandra.apache.org"
Subject:  Re: Session timeout

Jon, 

I suspected something like that. I did a bit of learning on Cassandra before 
starting my assessment, and I understand that you are right, and it is 
generally not used like that. 

However (taking off my developer hat and putting on my security architect hat), 
from the security point of view the way Cassandra is used now is not very 
secure. For instance, the way AAA (authentication, authorization, audit) is done 
doesn't allow for centralized account and access control management, which in 
reality translates into shared accounts and no hierarchy. That in turn 
translates into a situation where one person compromising credentials means 
complete disaster - administrative access to the DB was just given up, with all 
the consequences. To top it all, logging is currently implemented in a horrible 
manner too. It doesn't even allow logging the username - a basic requirement for 
any product, which would allow a DBA or ISSO to figure out who did what on the 
DB and recover in case of attack or crash. In general, logs the way they are 
today are targeted toward the developer making changes in the DB, not toward 
the DBA using it, and don't make much sense in my opinion.

Now if you are interested in that subject, this document: 
http://iasecontent.disa.mil/stigs/zip/Jan2016/U_Database_V2R3_SRG.zip covers 
the security concerns which should be taken into account when we are designing 
a database. It also explains why each of them is important and what exactly 
would happen if it were neglected.

Jon, I would also appreciate a suggestion. What I do right now is called "writing 
a STIG". That is when somebody takes concepts from an SRG (the document I gave 
you the link to above) and figures out how those are applied to that particular 
product: what is met (and what configuration on the product leads to it, 
exactly), what is not met but can be with a little enhancement (and again, what 
those would be exactly), and what is not met and can't be met with the current 
design. All that is combined into one document, called a STIG, and published by 
the government (DISA) on the http://iase.disa.mil/stigs/Pages/a-z.aspx page. 
Those STIGs mean a great deal from the security point of view because they:

- Allow saving a lot of time on re-assessment of the product every single time
- Allow knowing what the product's limitations are from the security point of 
  view beforehand (and as such, placing it right on the system, implementing all 
  the right compensating controls around it)
- Allow automating both configuration checks from the security point of view 
  and hardening of the product
- Give the product a pass into the DoD framework, because if a product has a 
  STIG and was configured in accordance with it, it is secure by DoD definition

So overall, it is to the great benefit of the product to have a STIG written for 
it, since it advances it on the security market quite a bit and in the end 
improves the product's security posture quite a bit as well. My initial idea was 
that I would bring on board my knowledge of security concepts, and when I 
lacked understanding of the intricate details of the DB, I would turn to the 
Cassandra community for support.

So far it doesn't work quite well, and from what you are saying, it wouldn't, 
because of a lack of knowledge and a lack of motivation to get it. What would be 
your suggestion? Who is capable of answering my questions? Is there another 
community I should turn to?

Would really appreciate your input on that,

Thanks,

Oleg



 

On Fri, Jan 29, 2016 at 10:24 AM, Jonathan Haddad <j...@jonhaddad.com> wrote:
I think the reason why most of your queries aren't being answered is because 
you're asking questions that most people don't have the answer to.  On the 
automatic disconnect, anyone using Cassandra in prod doesn't really need to 
think about it because we're always running queries, perhaps millions a second. 
 Queries are multiplexed over a single connection.  Almost nobody ever actually 
runs into a case of leaving a socket open for hours without a query, so to find 
out if it actually happens, someone would have to look it up in the source. 

Your questions about auditing are geared more towards if you're using a 
database that's built for multi user access.  Cassandra was built to solve a 
very different problem.  In most cases, you don't have hundreds of people 
connecting from a shell, leaving connections open, casually querying for BI 
reports.  This isn't how *most* people use Cassandra, it wasn't really built 
for that.  There's better support for users & roles nowadays but it's 
relatively new and that's about all you have right now.

I realize you're new to the community, and it can be frustrating to not get 
answers to questions that seem completely basic and obvious, but you're asking 
about areas that *most* people on this list don't have knowledge about and zero 
motivation to learn, because it's not necessary to solve the problems we face.


On Fri, Jan 29, 2016 at 6:19 AM oleg yusim <olegyu...@gmail.com> wrote:
Not a problem, Carlos, at least you tried :) I have overall a big problem with 
my queries to Cassandra community. Most of them are not getting answered.

Oleg

On Fri, Jan 29, 2016 at 8:03 AM, Carlos Alonso <i...@mrcalonso.com> wrote:
Oh, I thought you meant read/write timeout, not session timeout due to 
inactivity... 

Not sure there's such option. Sorry

Carlos Alonso | Software Engineer | @calonso

On 29 January 2016 at 13:35, oleg yusim <olegyu...@gmail.com> wrote:
Carlos, 

I went through the Java and Python drivers... didn't find anything like that. 
Can you bring me an example from your Ruby driver? Let me also make sure we are 
on the same page - I'm talking about session timeout due to inactivity, not read 
timeout or something like that.

Thanks,

Oleg

On Fri, Jan 29, 2016 at 7:23 AM, Carlos Alonso <i...@mrcalonso.com> wrote:
I personally don't use the Java but the Ruby driver, but I'm pretty sure you'll 
be able to find it in the docs: https://github.com/datastax/java-driver

Carlos Alonso | Software Engineer | @calonso

On 29 January 2016 at 13:15, oleg yusim <olegyu...@gmail.com> wrote:
Hi Carlos, 

Thanks for your answer. Can you, please, give me a bit more information? What is 
the driver? JDBC? What is the name of the configuration file?

Thanks,

Oleg

On Fri, Jan 29, 2016 at 5:12 AM, Carlos Alonso <i...@mrcalonso.com> wrote:
Hi Oleg. 

The drivers have the configurable timeout functionality built in.

Hope it helps.

Carlos Alonso | Software Engineer | @calonso

On 28 January 2016 at 22:18, oleg yusim <olegyu...@gmail.com> wrote:
Greetings, 

Does Cassandra support session timeout? If so, where can I find this 
configuration switch? If not, what kind of hook can I use to write my own code, 
terminating the session after so many seconds of inactivity?

Thanks,

Oleg
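The inactivity hook asked about in this thread, as an added example that is not part of the original posts, of Cassandra, or of its drivers: a small Python wrapper (hypothetical names IdleSessionGuard and SessionClosedError) that closes any session-like object exposing execute() and shutdown() once it has been idle for a configured number of seconds, either lazily on the next query or from a background reaper thread.

```python
import threading
import time
from typing import Any, Callable


class SessionClosedError(RuntimeError):
    """Raised when a query is attempted after the guard closed the session."""


class IdleSessionGuard:
    """Close a driver session after idle_seconds without a query.
    Assumes the wrapped object exposes execute(query, *args) and shutdown(), as
    DataStax driver sessions do; the clock is injectable for testing. A session
    is shared by every application thread (queries multiplex over it), so
    closing here affects all callers, hence the lock.
    """

    def __init__(self, session: Any, idle_seconds: float,
                 clock: Callable[[], float] = time.monotonic) -> None:
        self._session, self._idle, self._clock = session, idle_seconds, clock
        self._lock = threading.Lock()
        self._last_activity = clock()
        self.closed = False

    def _expire_if_idle_locked(self) -> None:  # caller holds self._lock
        if not self.closed and self._clock() - self._last_activity >= self._idle:
            self._session.shutdown()
            self.closed = True

    def execute(self, query: str, *args: Any) -> Any:
        """Forward a query, refusing it if the idle limit has already passed."""
        with self._lock:
            self._expire_if_idle_locked()
            if self.closed:
                raise SessionClosedError("session closed after %ss idle" % self._idle)
            self._last_activity = self._clock()
            return self._session.execute(query, *args)

    def reap(self) -> bool:
        """Close the session if idle too long; True only on the call that closes it."""
        with self._lock:
            was_open = not self.closed
            self._expire_if_idle_locked()
            return was_open and self.closed

    def start_reaper(self, interval: float = 1.0) -> None:
        """Poll reap() from a daemon thread so an idle session dies without a query."""
        def loop() -> None:
            while not self.closed:
                time.sleep(interval)
                self.reap()
        threading.Thread(target=loop, daemon=True).start()
```

As Jon notes above, the driver multiplexes all queries over shared connections, so this closes the session for every thread using it. It is a client-side control only; it does nothing about other clients holding their own sessions.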







