Hi Joni There are no plans as such at this stage, however we realise this is an area we'd like to address. Specifically, what is interesting to me is:
* Encrypting wire protocols: both inter-node communication (JGroups) as well as client/server comms (mainly Hot Rod) * Authentication for inter-node comms (JGroups) * Authentication for remote client connections (mainly Hot Rod again) * Authentication for in-VM connections (via embedded API) * ACLs for actual data. Perhaps read/write/update/delete permissions. Haven't thought too hard about granularity here (individual entries, entire named caches, or even a pattern of keys). So fairly hazy at this stage, perhaps with your background in grid security you could propose something? :-) Cheers Manik PS: cc'ing Darran Lofthouse who may have an opinion here to share as well. :) On 22 Aug 2011, at 15:33, Joni Hahkala wrote: > Hi, > > I was reading and watching presentations of Infinispan and it seems that > currently it is intended for use in secure environment, like data center > behind a firewall with other datacenters connected through secure links, > if I understood correctly. But deploying it in more open environment, > e.g. public cloud, could pose security risks. Manik said in a > presentation that the underlying Jgroups uses certificates (or can be > configured to use), and I would assume SSL. So, there is at least some > security in the Infinispan joins, leaves etc. Manik also told that there > has been some talk/plans already about the security in general. > > I would be interested in hearing about these plans for security and to > see if there is possibilities for cooperation. I'm currently searching > for a PhD subject, I have background in grid security, and this work > sounds like it could be useful and interesting. > > Cheers, > Joni > _______________________________________________ > infinispan-dev mailing list > infinispan-dev@lists.jboss.org > https://lists.jboss.org/mailman/listinfo/infinispan-dev -- Manik Surtani ma...@jboss.org twitter.com/maniksurtani Lead, Infinispan http://www.infinispan.org _______________________________________________ infinispan-dev mailing list infinispan-dev@lists.jboss.org https://lists.jboss.org/mailman/listinfo/infinispan-dev
