cassandra-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Alexey Zotov (JIRA)" <>
Subject [jira] [Commented] (CASSANDRA-6018) Add option to encrypt commitlog
Date Sun, 29 Dec 2013 07:06:51 GMT


Alexey Zotov commented on CASSANDRA-6018:


this is not my business, but I do not suggest you to use Cassandra for a billing system:
- currently Cassandra has some issues with loosing data (at least one: CASSANDRA-5789)
- there were fixed a lot of "loosing data" issues for the previous year
- Cassandra is actively developed right now and this gives additional risks of newly-arrived
issues. Moreover it's an open-source solution (despite of you are using Enterprise edition)
and no-one guarantees nothing. 

But this is my vision and I hope everything will be fine.

> Add option to encrypt commitlog 
> --------------------------------
>                 Key: CASSANDRA-6018
>                 URL:
>             Project: Cassandra
>          Issue Type: New Feature
>          Components: Core
>            Reporter: Jason Brown
>            Assignee: Jason Brown
>              Labels: commit_log, encryption, security
>             Fix For: 2.1
> We are going to start using cassandra for a billing system, and while I can encrypt sstables
at rest (via Datastax Enterprise), commit logs are more or less plain text. Thus, an attacker
would be able to easily read, for example, credit card numbers in the clear text commit log
(if the calling app does not encrypt the data itself before sending it to cassandra).
> I want to allow the option of encrypting the commit logs, most likely controlled by a
property in the yaml.

This message was sent by Atlassian JIRA

View raw message