couchdb-commits mailing list archives

From Apache Wiki <wikidi...@apache.org>
Subject [Couchdb Wiki] Update of "PerDocumentAuthorization" by BramNeijt
Date Mon, 22 Nov 2010 10:26:02 GMT
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Couchdb Wiki" for change notification.

The "PerDocumentAuthorization" page has been changed by BramNeijt.
http://wiki.apache.org/couchdb/PerDocumentAuthorization?action=diff&rev1=2&rev2=3

--------------------------------------------------

  The user is authenticated using any kind of authentication method (HTTP basic auth, or otherwise)
and is considered to be identified by a single identifying string. Under the term "specific
access", this document considers three types: being able to verify existence, being able to
read the document, and being able to update the document (deleting the document is considered
an update of the document)
  
  = Possible solutions =
+ == Smart proxy ==
+ Create a smart proxy that wraps all documents with the user credentials and filters all
results.
+ Access protection this solution implements:
+  * Update: completely, the proxy will request the document, inspect the credentials and
then allow or deny the update
+  * Verify existence: it is still possible to verify the existence of the document, because
trying to do an update will result in an Access denied instead of Not found.
+  * Read: protected by the proxy, which will filter the data out.
+ 
+ Limitations:
+  * Scalability: each CouchDB node will require this kind of smart proxy in front of it.
+  * Speed: having a proxy will increase the request latency.
+  * Views are crippled, if the view depends on the user it will have to be done "live", by
the proxy, which completely destroys the benefits of incremental map-reduce.
+ 
  == Document encryption on a per user basis ==
  This solution is described in [[https://docs.google.com/document/pub?id=1NWZ9xhsQvUL24IDa4erYcEZwkoNH6m13fizn8_og0gY|a
google document]] which was mentioned on the development mailinglist. The goal of this solution
is to create a P2P like system, where you can replicate data to nodes which you don't trust.
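Review bot: The "Verify existence" bullet sits under "Access protection this solution implements" but describes a leak rather than a protection: a denied update returns Access denied while a missing document returns Not found, so a user without access can still probe which documents exist. Either move that bullet to Limitations, or have the proxy return the same response in both cases (for example Not found for users without access), which is feasible because the proxy already requests the document before deciding. The "Update" bullet should also say where the per-document credentials are stored, since "wraps all documents with the user credentials" is ambiguous, and the section should state that the proxy protects nothing unless clients are unable to reach the CouchDB node directly.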
  
