All, A group of us are looking to use OrientDB in an exploratory configuration, designed to address security concerns in a multi-level and/or multi-network security realm form. Namely, among other things we will look at extending the row level security model that is now a part of Orient to include network based mediation; in other words, data access control is not simply a function of who you are but also includes where your client access point. This will allow for different security postures to be established for the same user when he/she is interacting with the DB from say a public site vice a provide site.
In addition to using Orient, we are also going to take a look at Accumulo (which also has cell level security) potentially with Titan as a GDB front end and, finally, at PostgreSQL which also has work being done related to row level security. Right now Oracle stands alone with its technology for addressing this requirement, through the application of Oracle RDBMS, Label Security, Database Vault and Cross Domain Security Express. Several of my colleagues and I have some pretty good experience with these technologies in these sorts of DB configurations, having worked to successfully establish them in a variety of environments; we would like to see if we can build some alternatives in the OSS space, so that customers can have a choice! Of course we will be looking for great collaboration from teammates like you in this group! Our initial activity will be to propose one or more architectural approaches that are designed to address the general requirements of such a configuration; we will draw upon various industry standard specifications around user identity management, mandatory and discretionary access control and event auditing that make up the bulk of these requirements (typically know as AAA in information systems security). We have established a Google Group to support these efforts; please come check us out at: https://groups.google.com/forum/?hl=en#!forum/mls-oss Looking forward to seeing many of you there! Alan -- --- You received this message because you are subscribed to the Google Groups "OrientDB" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
