You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@cassandra.apache.org by "Jason Brown (JIRA)" <ji...@apache.org> on 2013/09/12 20:31:57 UTC

[jira] [Updated] (CASSANDRA-6018) Add option to encrypt commitlog

     [ https://issues.apache.org/jira/browse/CASSANDRA-6018?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Jason Brown updated CASSANDRA-6018:
-----------------------------------

    Description: 
We are going to start using cassandra for a billing system, and while I can encrypt sstables at rest (via Datastax Enterprise), commit logs are more or less plain text. Thus, an attacker would be able to easily read, for example, credit card numbers in the clear text commit log (if the calling app does not encrypt the data itself before sending it to cassandra).

I want to allow the option of encrypting the commit logs, most likely controlled by a property in the yaml.

  was:
We are going to start using cassandra for a billing system, and while I can encrypt sstables at rest (via Datastax Enterprise), commit logs are more or less plain text. Thus, an attacker would be able to easily read, for example, credit card numbers in the clear if the calling app does not encrypt the data itself before sending it to cassandra.

I want to allow the option of encrypting the commit logs, most likely controlled by a property in the yaml.

    
> Add option to encrypt commitlog 
> --------------------------------
>
>                 Key: CASSANDRA-6018
>                 URL: https://issues.apache.org/jira/browse/CASSANDRA-6018
>             Project: Cassandra
>          Issue Type: Task
>          Components: Core
>            Reporter: Jason Brown
>            Assignee: Jason Brown
>              Labels: commit_log, encryption, security
>             Fix For: 1.2.10, 2.0.1
>
>
> We are going to start using cassandra for a billing system, and while I can encrypt sstables at rest (via Datastax Enterprise), commit logs are more or less plain text. Thus, an attacker would be able to easily read, for example, credit card numbers in the clear text commit log (if the calling app does not encrypt the data itself before sending it to cassandra).
> I want to allow the option of encrypting the commit logs, most likely controlled by a property in the yaml.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira