Securing Cassandra
Cassandra provides various security features to the open source community.
Cassandra provides these security features to the open source community.
- SSL encryption
Cassandra includes secure communication from a client machine to a database cluster. Client to server SSL ensures data in flight is not compromised and is securely transferred. Client-to-node and node-to-node encryption can be configured.
- Authentication based on internally controlled login
accounts/passwords
Administrators can create users and roles who can be authenticated to Cassandra database clusters using the CREATE USER or CREATE ROLE command. Internally, Cassandra manages user accounts and access to the database cluster using passwords. User accounts may be altered and dropped using CQL.
- Object permission management
Once authenticated into a database cluster using either internal authentication, the next security issue to be tackled is permission management. What can the user do inside the database? Authorization capabilities for Cassandra use the familiar GRANT/REVOKE security paradigm to manage object permissions.