cassandra-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jason Brown (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (CASSANDRA-9633) Add ability to encrypt sstables
Date Mon, 25 Jan 2016 14:25:40 GMT

    [ https://issues.apache.org/jira/browse/CASSANDRA-9633?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15115270#comment-15115270
] 

Jason Brown commented on CASSANDRA-9633:
----------------------------------------

Pushed a first-pass implementation [here|https://github.com/apache/cassandra/compare/trunk...jasobrown:9633]

This submission does piggy back off the {{ICompressor}} interface, and plugs in reasonably
well. Due to the stateful nature of {{EncryptingCompressor}} (see [the note|https://github.com/jasobrown/cassandra/blob/9633/src/java/org/apache/cassandra/io/compress/EncryptingCompressor.java#L47]
at the top of the class file), it needs a unqiue copy of the compressor when creating new
SSTables; hence the reason for {{CompressionParams.copyWithFreshCompressor()}}. I'm open to
sugesstions on improving this.

Through testing this, I uncovered some inefficiencies with {{CipherFactory}} (added with CASSANDRA-9945),
so I refactored it a bit to cache instances of {{KeyProvider}}. Encrypted commit logs (CASSANDRA-6018)
and hints (CASSANDRA-11040) are not really affected by this refactor.

One oddity, though, will be for users when they do want to encrypt a table; they will have
to set the compression options on the table - which doesn't map, in an obvious manner, to
encryption. I'm wide open to suggestions on how to improve the "UI" for this; however, I'd
be a bit reticent to create a parallel set of of classes similar to what we have for compression,
as I suspect encryption won't be as widely employed as compression (and I'm not sure the extra
infrastructure is worth it). 

> Add ability to encrypt sstables
> -------------------------------
>
>                 Key: CASSANDRA-9633
>                 URL: https://issues.apache.org/jira/browse/CASSANDRA-9633
>             Project: Cassandra
>          Issue Type: New Feature
>            Reporter: Jason Brown
>            Assignee: Jason Brown
>              Labels: encryption, security, sstable
>             Fix For: 3.x
>
>
> Add option to allow encrypting of sstables.
> I have a version of this functionality built on cassandra 2.0 that piggy-backs on the
existing sstable compression functionality and ICompressor interface (similar in nature to
what DataStax Enterprise does). However, if we're adding the feature to the main OSS product,
I'm not sure if we want to use the pluggable compression framework or if it's worth investigating
a different path. I think there's a lot of upside in reusing the sstable compression scheme,
but perhaps add a new component in cqlsh for table encryption and a corresponding field in
CFMD.
> Encryption configuration in the yaml can use the same mechanism as CASSANDRA-6018 (which
is currently pending internal review).



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message