Database Reference
In-Depth Information
CHAPTER 4
Cassandra Data Security
Database security means protecting sensitive data and database applications from unau-
thorized access. Scalability and high availability of data are definitely good things to
have, but so is data security! For example, financial and other public industries require
scalable, highly available, and secured databases. That said, organizations of many
kinds, and especially financial and governmental ones, prioritize security.
Since Cassandra 1.2.2 onward, we can secure data with Cassandra in two ways, ac-
cess control and encryption. Authorization and authentication support is available with
Cassandra.
This chapter will cover the following topics:
•
Cassandra's
system
and
system_auth
keyspaces
•
Managing user permissions
•
Internode and client-server SSL encryption
Authentication and Authorization
Authentication means providing control over users trying to access a data store. The
user's identity has to be validated while securing the connection with the database.
There are three basic types of authentication:
•
Internal authentication
. With internal authentication generally the data
store would manage the user's login via credentials such as user id and
password.
