[
https://issues.apache.org/jira/browse/CASSANDRA-6018?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15094050#comment-15094050
]
Branimir Lambov commented on CASSANDRA-6018:
--------------------------------------------
bq. While there's prossibly some improvements that can be taken into account,
...
Sounds good. Could {{encrypt}} be renamed to {{encryptAndWrite}} to make
obvious what it does?
I believe the || in [catching
{{SegmentReadException}}|https://github.com/apache/cassandra/commit/cbc36f629a3fe5ad537f57a4c24e437052772178#diff-4c3a8240a441cef90e68dddd0246ee64R105]
should be an &&: invalid CRC is not tolerated even in the last segment.
The {{ReadCommandTest}} failures should disappear once you rebase to latest
trunk.
> Add option to encrypt commitlog
> --------------------------------
>
> Key: CASSANDRA-6018
> URL: https://issues.apache.org/jira/browse/CASSANDRA-6018
> Project: Cassandra
> Issue Type: New Feature
> Reporter: Jason Brown
> Assignee: Jason Brown
> Labels: commit_log, encryption, security
> Fix For: 3.x
>
>
> We are going to start using cassandra for a billing system, and while I can
> encrypt sstables at rest (via Datastax Enterprise), commit logs are more or
> less plain text. Thus, an attacker would be able to easily read, for example,
> credit card numbers in the clear text commit log (if the calling app does not
> encrypt the data itself before sending it to cassandra).
> I want to allow the option of encrypting the commit logs, most likely
> controlled by a property in the yaml.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
