cassandra-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jason Brown (JIRA)" <>
Subject [jira] [Commented] (CASSANDRA-6018) Add option to encrypt commitlog
Date Thu, 14 Jan 2016 13:08:40 GMT


Jason Brown commented on CASSANDRA-6018:

Pushed the few updates [here|],
which include:

- renamed {{encrypt}} to {{encryptAndWrite}}
- rebased to trunk

I tried to create a new test for {{CommitLogUpgradeTest}} by using {{CommitLogUpgradeTestMaker}},
but there's something broken with the Maker when creating commit logs for > 3.0 (broken
for all commit log types: normal, compressed, and encrypted). I will create a follow up ticket
to resolve that, and will add encryption tests as part of that commit.

> Add option to encrypt commitlog 
> --------------------------------
>                 Key: CASSANDRA-6018
>                 URL:
>             Project: Cassandra
>          Issue Type: New Feature
>            Reporter: Jason Brown
>            Assignee: Jason Brown
>              Labels: commit_log, encryption, security
>             Fix For: 3.x
> We are going to start using cassandra for a billing system, and while I can encrypt sstables
at rest (via Datastax Enterprise), commit logs are more or less plain text. Thus, an attacker
would be able to easily read, for example, credit card numbers in the clear text commit log
(if the calling app does not encrypt the data itself before sending it to cassandra).
> I want to allow the option of encrypting the commit logs, most likely controlled by a
property in the yaml.

This message was sent by Atlassian JIRA

View raw message