cassandra-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From oleg yusim <olegyu...@gmail.com>
Subject Re: Session timeout
Date Fri, 29 Jan 2016 17:16:38 GMT
Jon,

I suspected something like that. I did a bit of learning on Cassandra
before starting my assessment, and I understand that you are right, and it
is generally not used like that.

However (taking off my developer hat and putting on my security architect
hat), from the security point of view the way Cassandra is used now is not
very secure. For instance, way AAA (authentication, authorization, audit)
is done, doesn't allow for centralized account and access control
management, which in reality translates into shared accounts and no
hierarchy. That in turn translates into situation when one person
compromising credentials means complete disaster - administrative access to
DB was just given up, with all the consequences. To top it all logging
currently implemented in horrible manner too. It doesn't even allow to log
username - basic requirement for any product, which would allow DBA or ISSO
to figure out who did what on DB and recover in case of attack or crash. In
general, logs the way they are today are targeted toward developer, making
changes in DB, not toward the DBA, using it, and doesn't make much sense in
my opinion.

Now if you are interested in that subject, that document:
http://iasecontent.disa.mil/stigs/zip/Jan2016/U_Database_V2R3_SRG.zip
covers security concerns which should be taken in the account, when we are
designing database. It also explains why each of them is important and what
exactly would happen if it would be neglected.

Jon, I would also appreciate suggestion. What I do right now is called
"writing a STIG".That is when somebody takes concepts from SRG (the
document I gave you link to above) and figures out how those are applied to
that particular product. What is met (and what configuration on product
leads to it, exactly), what is not met, but can be with little enhancement
(and again - what those would be exactly), and what is not met and can't be
met at current design. All that is combined into one document, called STIG
and published by government (DISA) on
http://iase.disa.mil/stigs/Pages/a-z.aspx page. Those STIGs mean a great
deal from the security point of view because they:

   - Allow to save a lot of time on re-assessment of the product every
   single time
   - Allow to know what are the products limitations are from the security
   point of view before hands (and as such, place it right on the system,
   implementing all right compensation controls around it)
   - Allow to automate, both configuration checks from the security point
   of view and hardening of the product
   - Give product pass to DoD framework because if product has STIG and was
   configured in accordance to it, it is secure by DoD definition

So overall, it is to the great benefit for the product to have STIG written
for it, since it advances it on security market quite a bit and at the end
- improves product's security posture quite a bit as well. My initial idea
was that I would bring on board my knowledge of security concepts, and when
I would lack understanding of intricate details of DB, I would turn to the
Cassandra community for support.

So far it doesn't work quite well, and from what you are saying, it
wouldn't, because of lack of knowledge and lack of motivation to get it.
What would be your suggestion? Who is capable of answering my questions? Is
there another community, I should turn to?

Would really appreciate your input on that,

Thanks,

Oleg





On Fri, Jan 29, 2016 at 10:24 AM, Jonathan Haddad <jon@jonhaddad.com> wrote:

> I think the reason why most of your queries aren't being answered is
> because you're asking questions that most people don't have the answer to.
> On the automatic disconnect, anyone using Cassandra in prod doesn't really
> need to think about it because we're always running queries, perhaps
> millions a second.  Queries are multiplexed over a single connection.
> Almost nobody ever actually runs into a case of leaving a socket open for
> hours without a query, so to find out if it actually happens, someone would
> have to look it up in the source.
>
> Your questions about auditing are geared more towards if you're using a
> database that's built for multi user access.  Cassandra was built to solve
> a very different problem.  In most cases, you don't have hundreds of people
> connecting from a shell, leaving connections open, casually querying for BI
> reports.  This isn't how *most* people use Cassandra, it wasn't really
> built for that.  There's better support for users & roles nowadays but it's
> relatively new and that's about all you have right now.
>
> I realize you're new to the community, and it can be frustrating to not
> get answers to questions that seem completely basic and obvious, but you're
> asking about areas that *most* people on this list don't have knowledge
> about and zero motivation to learn, because it's not necessary to solve the
> problems we face.
>
>
> On Fri, Jan 29, 2016 at 6:19 AM oleg yusim <olegyusim@gmail.com> wrote:
>
>> Not a problem, Carlos, at least you tried :) I have overall a big problem
>> with my queries to Cassandra community. Most of them are not getting
>> answered.
>>
>> Oleg
>>
>> On Fri, Jan 29, 2016 at 8:03 AM, Carlos Alonso <info@mrcalonso.com>
>> wrote:
>>
>>> Oh, I thought you meant read/write timeout, not session timeout due to
>>> inactivity...
>>>
>>> Not sure there's such option. Sorry
>>>
>>> Carlos Alonso | Software Engineer | @calonso
>>> <https://twitter.com/calonso>
>>>
>>> On 29 January 2016 at 13:35, oleg yusim <olegyusim@gmail.com> wrote:
>>>
>>>> Carlos,
>>>>
>>>> I went through Java and Python drivers... didn't find anything like
>>>> that. Can you bring me example from your Ruby driver? Let me also make sure
>>>> we are on the same page - I'm talking about session timeout due to
>>>> inactivity, not read timeout or something like that.
>>>>
>>>> Thanks,
>>>>
>>>> Oleg
>>>>
>>>> On Fri, Jan 29, 2016 at 7:23 AM, Carlos Alonso <info@mrcalonso.com>
>>>> wrote:
>>>>
>>>>> I personally don't use the Java but the Ruby driver, but I'm pretty
>>>>> sure you'll be able to find it in the docs:
>>>>> https://github.com/datastax/java-driver
>>>>>
>>>>> Carlos Alonso | Software Engineer | @calonso
>>>>> <https://twitter.com/calonso>
>>>>>
>>>>> On 29 January 2016 at 13:15, oleg yusim <olegyusim@gmail.com> wrote:
>>>>>
>>>>>> Hi Carlos,
>>>>>>
>>>>>> Thanks for your anwer. Can you, please, get me a bit me information?
>>>>>> What is the driver? JDBC? What is the name of configuration file?
>>>>>>
>>>>>> Thanks,
>>>>>>
>>>>>> Oleg
>>>>>>
>>>>>> On Fri, Jan 29, 2016 at 5:12 AM, Carlos Alonso <info@mrcalonso.com>
>>>>>> wrote:
>>>>>>
>>>>>>> Hi Oleg.
>>>>>>>
>>>>>>> The drivers have builtin the timeout configurable functionality.
>>>>>>>
>>>>>>> Hope it helps.
>>>>>>>
>>>>>>> Carlos Alonso | Software Engineer | @calonso
>>>>>>> <https://twitter.com/calonso>
>>>>>>>
>>>>>>> On 28 January 2016 at 22:18, oleg yusim <olegyusim@gmail.com>
wrote:
>>>>>>>
>>>>>>>> Greetings,
>>>>>>>>
>>>>>>>> Does Cassandra support session timeout? If so, where can
I find
>>>>>>>> this configuration switch? If not, what kind of hook I can
use to write my
>>>>>>>> out code, terminating session in so many seconds of inactivity?
>>>>>>>>
>>>>>>>> Thanks,
>>>>>>>>
>>>>>>>> Oleg
>>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>
>>>>>
>>>>
>>>
>>

Mime
View raw message