You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@kafka.apache.org by Kashyap Mhaisekar <ka...@gmail.com> on 2014/11/12 04:37:57 UTC
Security in 0.8.2 beta
Hi,
Is there a way to secure the topics created in Kafka 0.8.2 beta? The need
is to ensure no one is asked to read data from the topic without
authorization.
Regards
Kashyap
Re: Security in 0.8.2 beta
Posted by Kashyap Mhaisekar <ka...@gmail.com>.
Thanks. We use the encryption approach as well. But the 2 topic approach is
unique. Thank you.
Kashyap.
On Nov 12, 2014 1:54 AM, "Joe Stein" <jo...@stealth.ly> wrote:
> I know a few implements that do this "encrypt your messages with a PSK
> between producers and consumers". One of them actually writes the
> "encrypted <symmetric key>" on a different topic foreach downstream
> consumer private key that can read the message. This way when you are
> consuming you consume from two topics 1) the topic with the message (which
> is encrypted) you want 2) the topic that you can use your private key
> to decrypt (because your public key was used) the symmetric key and then
> use that to decrypt the message (which you join from the two streams by the
> uuid so each message has a different secrete key encrypted with your public
> key).... The other ones I can't talk about =8^) but this one I mention is
> interesting solution to this problem with Kafka I really like.
>
> /*******************************************
> Joe Stein
> Founder, Principal Consultant
> Big Data Open Source Security LLC
> http://www.stealth.ly
> Twitter: @allthingshadoop <http://www.twitter.com/allthingshadoop>
> ********************************************/
>
> On Wed, Nov 12, 2014 at 2:41 AM, Mathias Herberts <
> mathias.herberts@gmail.com> wrote:
>
> > Simply encrypt your messages with a PSK between producers and consumers.
> > On Nov 12, 2014 4:38 AM, "Kashyap Mhaisekar" <ka...@gmail.com>
> wrote:
> >
> > > Hi,
> > > Is there a way to secure the topics created in Kafka 0.8.2 beta? The
> need
> > > is to ensure no one is asked to read data from the topic without
> > > authorization.
> > >
> > > Regards
> > > Kashyap
> > >
> >
>
Re: Security in 0.8.2 beta
Posted by Joe Stein <jo...@stealth.ly>.
I know a few implements that do this "encrypt your messages with a PSK
between producers and consumers". One of them actually writes the
"encrypted <symmetric key>" on a different topic foreach downstream
consumer private key that can read the message. This way when you are
consuming you consume from two topics 1) the topic with the message (which
is encrypted) you want 2) the topic that you can use your private key
to decrypt (because your public key was used) the symmetric key and then
use that to decrypt the message (which you join from the two streams by the
uuid so each message has a different secrete key encrypted with your public
key).... The other ones I can't talk about =8^) but this one I mention is
interesting solution to this problem with Kafka I really like.
/*******************************************
Joe Stein
Founder, Principal Consultant
Big Data Open Source Security LLC
http://www.stealth.ly
Twitter: @allthingshadoop <http://www.twitter.com/allthingshadoop>
********************************************/
On Wed, Nov 12, 2014 at 2:41 AM, Mathias Herberts <
mathias.herberts@gmail.com> wrote:
> Simply encrypt your messages with a PSK between producers and consumers.
> On Nov 12, 2014 4:38 AM, "Kashyap Mhaisekar" <ka...@gmail.com> wrote:
>
> > Hi,
> > Is there a way to secure the topics created in Kafka 0.8.2 beta? The need
> > is to ensure no one is asked to read data from the topic without
> > authorization.
> >
> > Regards
> > Kashyap
> >
>
Re: Security in 0.8.2 beta
Posted by Mathias Herberts <ma...@gmail.com>.
Simply encrypt your messages with a PSK between producers and consumers.
On Nov 12, 2014 4:38 AM, "Kashyap Mhaisekar" <ka...@gmail.com> wrote:
> Hi,
> Is there a way to secure the topics created in Kafka 0.8.2 beta? The need
> is to ensure no one is asked to read data from the topic without
> authorization.
>
> Regards
> Kashyap
>
Re: Security in 0.8.2 beta
Posted by Gwen Shapira <gs...@cloudera.com>.
Nope.
Here's the JIRA where we are still actively working on security, targeting
0.9:
https://issues.apache.org/jira/browse/KAFKA-1682
Gwen
On Tue, Nov 11, 2014 at 7:37 PM, Kashyap Mhaisekar <ka...@gmail.com>
wrote:
> Hi,
> Is there a way to secure the topics created in Kafka 0.8.2 beta? The need
> is to ensure no one is asked to read data from the topic without
> authorization.
>
> Regards
> Kashyap
>