You are viewing a plain text version of this content. The canonical link for it is here.

Posted to java-user@lucene.apache.org by Chris Zakian <cz...@gmail.com> on 2011/08/12 21:15:50 UTC

Adding Encryption to lucene indexes

Hello,

I am currently adding Lucene (in combination with hibernate search) to a
medical record service. As such, I need to encrypt the indexes so that
unauthorized people don't have access to them by bypassing the system's
database security. I was wondering if anyone had a) implemented a security
measure that encrypts the indexes or b) if I were to write my own
encryption, what classes actually handle all the IO to and from the indexes.
In praticular, where would I get the Input/Output Streams in order to
encrypt them.

Thanks,
Chris.
GSOC intern with OpenMRS

Re: Adding Encryption to lucene indexes

Posted by Grant Ingersoll <gs...@apache.org>.

You might try searching JIRA, I believe there is an issue in there that attempts to provide an encrypted Directory implementation.   You might also just use file system encryption.

On Aug 12, 2011, at 8:09 PM, Chris Zakian wrote:

> Hey, thanks for your reply Shaneal,
> 
> I do have a person to consult with about the crypto code, it is just a
> matter of figuring out which streams
> to grab. So encrypting all of the write operations in IndexOutput (and
> DataOutput) and decrypting to plaintext in IndexInput on the way out should
> let me search normally correct? In other words, when I do a query, will it
> also pass through the same classes so that There is still search
> functionality?
> 
> On Fri, Aug 12, 2011 at 6:43 PM, Shaneal Manek <sh...@greplin.com> wrote:
> 
>> For starters, you probably shouldn't be writing your own crypto code
>> (unless you're a professional cryptographer, or your project has
>> access to one to audit your code). See, for example,
>> 
>> http://chargen.matasano.com/chargen/2009/7/22/if-youre-typing-the-letters-a-e-s-into-your-code-youre-doing.html
>> .
>> If you *have* to, you'll probably want to subclass the NIOFSDirectory
>> (and, more precisely, the IndexInput and IndexOutput streams).
>> 
>> A more reasonable approach might be to encrypt the underlying volume
>> the Lucene Index will be on with something like LVM. The details will,
>> of course, depend on the particulars of how/when you have access to
>> your key.
>> 
>> -Shaneal
>> 
>> On Fri, Aug 12, 2011 at 12:15 PM, Chris Zakian <cz...@gmail.com> wrote:
>>> Hello,
>>> 
>>> I am currently adding Lucene (in combination with hibernate search) to a
>>> medical record service. As such, I need to encrypt the indexes so that
>>> unauthorized people don't have access to them by bypassing the system's
>>> database security. I was wondering if anyone had a) implemented a
>> security
>>> measure that encrypts the indexes or b) if I were to write my own
>>> encryption, what classes actually handle all the IO to and from the
>> indexes.
>>> In praticular, where would I get the Input/Output Streams in order to
>>> encrypt them.
>>> 
>>> Thanks,
>>> Chris.
>>> GSOC intern with OpenMRS
>>> 
>> 
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: java-user-unsubscribe@lucene.apache.org
>> For additional commands, e-mail: java-user-help@lucene.apache.org
>> 
>> 

--------------------------------------------
Grant Ingersoll



---------------------------------------------------------------------
To unsubscribe, e-mail: java-user-unsubscribe@lucene.apache.org
For additional commands, e-mail: java-user-help@lucene.apache.org

Re: Adding Encryption to lucene indexes

Posted by Chris Zakian <cz...@indiana.edu>.

Hey, thanks for your reply Shaneal,

I do have a person to consult with about the crypto code, it is just a
matter of figuring out which streams
to grab. So encrypting all of the write operations in IndexOutput (and
DataOutput) and decrypting to plaintext in IndexInput on the way out should
let me search normally correct? In other words, when I do a query, will it
also pass through the same classes so that There is still search
functionality?

On Fri, Aug 12, 2011 at 6:43 PM, Shaneal Manek <sh...@greplin.com> wrote:

> For starters, you probably shouldn't be writing your own crypto code
> (unless you're a professional cryptographer, or your project has
> access to one to audit your code). See, for example,
>
> http://chargen.matasano.com/chargen/2009/7/22/if-youre-typing-the-letters-a-e-s-into-your-code-youre-doing.html
> .
> If you *have* to, you'll probably want to subclass the NIOFSDirectory
> (and, more precisely, the IndexInput and IndexOutput streams).
>
> A more reasonable approach might be to encrypt the underlying volume
> the Lucene Index will be on with something like LVM. The details will,
> of course, depend on the particulars of how/when you have access to
> your key.
>
> -Shaneal
>
> On Fri, Aug 12, 2011 at 12:15 PM, Chris Zakian <cz...@gmail.com> wrote:
> > Hello,
> >
> > I am currently adding Lucene (in combination with hibernate search) to a
> > medical record service. As such, I need to encrypt the indexes so that
> > unauthorized people don't have access to them by bypassing the system's
> > database security. I was wondering if anyone had a) implemented a
> security
> > measure that encrypts the indexes or b) if I were to write my own
> > encryption, what classes actually handle all the IO to and from the
> indexes.
> > In praticular, where would I get the Input/Output Streams in order to
> > encrypt them.
> >
> > Thanks,
> > Chris.
> > GSOC intern with OpenMRS
> >
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: java-user-unsubscribe@lucene.apache.org
> For additional commands, e-mail: java-user-help@lucene.apache.org
>
>

Re: Adding Encryption to lucene indexes

Posted by Shaneal Manek <sh...@greplin.com>.

For starters, you probably shouldn't be writing your own crypto code
(unless you're a professional cryptographer, or your project has
access to one to audit your code). See, for example,
http://chargen.matasano.com/chargen/2009/7/22/if-youre-typing-the-letters-a-e-s-into-your-code-youre-doing.html.
If you *have* to, you'll probably want to subclass the NIOFSDirectory
(and, more precisely, the IndexInput and IndexOutput streams).

A more reasonable approach might be to encrypt the underlying volume
the Lucene Index will be on with something like LVM. The details will,
of course, depend on the particulars of how/when you have access to
your key.

-Shaneal

On Fri, Aug 12, 2011 at 12:15 PM, Chris Zakian <cz...@gmail.com> wrote:
> Hello,
>
> I am currently adding Lucene (in combination with hibernate search) to a
> medical record service. As such, I need to encrypt the indexes so that
> unauthorized people don't have access to them by bypassing the system's
> database security. I was wondering if anyone had a) implemented a security
> measure that encrypts the indexes or b) if I were to write my own
> encryption, what classes actually handle all the IO to and from the indexes.
> In praticular, where would I get the Input/Output Streams in order to
> encrypt them.
>
> Thanks,
> Chris.
> GSOC intern with OpenMRS
>

---------------------------------------------------------------------
To unsubscribe, e-mail: java-user-unsubscribe@lucene.apache.org
For additional commands, e-mail: java-user-help@lucene.apache.org