One of the concerns that I could see enterprise customers having is around auditing and compliance scenarios. Riak doesn't have any support for this at the moment and I think it would be very close to impossible to implement anything like what most people in that situation want to see.
SQL Server, for example, supports SQL Server native logins as well as Kerberos authentication and a finely grained (but poorly understood) security model at the data level. Postgres has a similar set of features, (although implemented a bit more strangely) and SELinux compatibility is on the way. I suspect that both of these feature sets are the types of things that Kyle is mentioning. But even in both of these cases, applications frequently have a single user login and everyone connects using that login and removes all reason to have finely grained security in the first place. In the wonderful world of single node databases, it's very common to use read replicas and then have your DBAs find new jobs because they don't want to carry a pager for when replication breaks in the middle of the night. Thankfully we don't have that problem with Riak, but I can't see how routings to specific nodes will do anything more than make a Riak cluster brittle. --- Jeremiah Peschka - Founder, Brent Ozar PLF, LLC Microsoft SQL Server MVP On Sep 30, 2011, at 7:36 PM, Aphyr wrote: > On 09/30/2011 02:50 PM, Kyle Quest wrote: >> I'm not here to define a perfect infrastructure for securing NoSQL >> databases and Riak and go into implementation details... It's not my >> intention because I simply don't have time to dedicate to this big >> project and it's impossible to come up with a perfect solution right >> away. Either way asking customers to be security experts is asking >> for trouble... And I base this statement on the actual real world >> experience in security, which I have quite a bit. I'll leave it on >> this note :-) And let's talk in 10 or 15 years :-) > > Let's skip the ad hominem. I'm gay. You are *not* going to win a > bitchiness contest. > > I want to help people build robust, secure systems. What little you've > proposed is not only useless but dangerous. I can't risk someone > implementing it. > > I'm volunteering my time to answer questions on building secure > applications in general: with Riak, with MySQL, with HTTP, with Active > Directory, whatever. Not an expert on everything, but I can provide > pointers to more comprehensive sources. Feel free to contact me off-list > if it doesn't pertain to Riak. > > I'll also try to write an introductory blog post on application security > this weekend. If you'd like to contribute, or just want to see some > topic covered, let me know. > > --Kyle Kingsbury > > _______________________________________________ > riak-users mailing list > [email protected] > http://lists.basho.com/mailman/listinfo/riak-users_lists.basho.com _______________________________________________ riak-users mailing list [email protected] http://lists.basho.com/mailman/listinfo/riak-users_lists.basho.com
