Makes sense to make it stream attribute. Thks Amol
On Wed, Dec 16, 2015 at 11:34 AM, Vlad Rozov <[email protected]> wrote: > +1 - support should be at the network and buffer server levels. > > Vlad > > > On 12/15/15 00:10, Timothy Farkas wrote: > >> I think encryption of data sent across the wire and operator logic are >> orthogonal. The user should just have to set DAG level attribute to >> enable/disable encryption, without having to write any encryption related >> code. I think this would require changes to the Buffer Server publisher >> and >> subscriber though. >> >> On Mon, Dec 14, 2015 at 11:27 PM, Chandni Singh <[email protected]> >> wrote: >> >> When we are dealing with secured data, the usual scenarios are that you >>> get >>> encrypted data. >>> This data need to decrypt and then perform other functions on it. The >>> output of the dag is then encrypted. >>> >>> In the past we have solved these use cases by performing >>> decryption/encryption in the operator. >>> IMO the operator approach works better because these processes may >>> require >>> invoking utilities and also operators can be configured easily using >>> properties. >>> >>> Chandni >>> >>> On Mon, Dec 14, 2015 at 10:34 PM, Sandesh Hegde <[email protected] >>> > >>> wrote: >>> >>> Well we have committers from bank, their feedback will be really >>>> >>> valuable. >>> >>>> On Mon, Dec 14, 2015 at 10:30 PM Priyanka Gugale < >>>> >>> [email protected] >>> >>>> wrote: >>>> >>>> Sounds good. This is good feature for banks and security domain. >>>>> One suggestion: We can do key management ourself at application (may be >>>>> >>>> by >>>> >>>>> providing default keys) and there should be an option to override keys >>>>> >>>> if >>> >>>> user really want to do so. >>>>> >>>>> -Priyanka >>>>> >>>>> On Tue, Dec 15, 2015 at 11:37 AM, Chinmay Kolhatkar < >>>>> [email protected] >>>>> >>>>>> wrote: >>>>>> Hi All, >>>>>> >>>>>> I wanted to propose an idea using which one can have encrypted stream >>>>>> flowing in a DAG. >>>>>> >>>>>> Basically, the idea is to create a new EncryptedInputPort which will >>>>>> >>>>> extend >>>>> >>>>>> from DefaultInputPort and will return a StreamCodec object which will >>>>>> >>>>> take >>>>> >>>>>> care of encryption/decryption. >>>>>> As the same StreamCodec object will be used at OutputPort, the >>>>>> >>>>> encryption >>>> >>>>> can be done in toByteArray method at Output port and decryption can >>>>>> >>>>> be >>> >>>> done >>>>> >>>>>> in fromByteArray at Input port. >>>>>> >>>>>> By default we can support some basic encryption algorithms like RSA >>>>>> >>>>> and >>> >>>> DSA >>>>> >>>>>> where user need to provide the key(s) to EncryptedInputPort. >>>>>> >>>>>> Any thoughts? >>>>>> >>>>>> ~ Chinmay. >>>>>> >>>>>> >
