solr-user@lucene.apache.org
Subject: RE: [Poll]: User need for Solr security
Jan - we don't really need any security for our products, nor for most clients.
However, one client does deal with very sensitive data so we proposed to
encrypt the transfer of data and the data on disk through a Lucene
ramework). Does anyone know how Manifold
> does it?
>
> - MJ
>
> -Original Message-
> From: Markus Jelsma [mailto:markus.jel...@openindex.io]
> Sent: Thursday, March 12, 2015 6:51 PM
> To: solr-user@lucene.apache.org
> Subject: RE: [Poll]: User need for Solr secur
-User-need-for-Solr-security-tp4192624p4192816.html
Sent from the Solr - User mailing list archive at Nabble.com.
Jan,
Index encryption is not really about trust to root users for us. It is
about letting client company to be able to secure their index with their
key. To prevent information loss through hacking to a server. What I agree
with is that this does go beyond just search ;)
Thanks for the JIRA, look
Eric,
right, filesystem level encryption is the way. Making encryption part of
the lucene data structures would be a tall order.
On Thu, Mar 12, 2015 at 5:22 PM, Erick Erickson
wrote:
> About <1>. Gotta be careful here about what would be promised. You
> really _can't_ encrypt the _indexed_ ter
: RE: [Poll]: User need for Solr security
Jan - we don't really need any security for our products, nor for most clients.
However, one client does deal with very sensitive data so we proposed to
encrypt the transfer of data and the data on disk through a Lucene Directory.
It won't fil
benefit and it would certainly make
Solr/Lucene the search platform to use for some enterprises.
Markus
-Original message-
> From:Henrique O. Santos
> Sent: Thursday 12th March 2015 23:43
> To: solr-user@lucene.apache.org
> Subject: Re: [Poll]: User need for Solr security
Hi,
I’m currently working with indexes that need document level security. Based on
the user logged in, query results would omit documents that this user doesn’t
have access to, with LDAP integration and such.
I think that would be nice to have on a future Solr release.
Henrique.
> On Mar 12,
If you cannot trust your root users you probably have bigger problems than with
search... I think it has been suggested to encrypt on codec or directory level
as well. Yep, here is the JIRA
https://issues.apache.org/jira/browse/LUCENE-2228 :)
--
Jan Høydahl, search solution architect
Cominvent
About <1>. Gotta be careful here about what would be promised. You
really _can't_ encrypt the _indexed_ terms in a meaningful way and
still search. And, as you well know, you can reconstruct documents
from the indexed terms. It's lossy, but still coherent enough to give
security folks fits.
For in
Hi,
Things you have mentioned would be useful for our use-case.
On top we've seen these two requests for securing Solr:
1. Encrypting the index (with a customer private key for instance). There
are certainly other ways to go about this, like using virtual private
clouds, but having the feature i
Hi,
Securing various Solr APIs has once again surfaced as a discussion in the
developer list. See e.g. SOLR-7236
Would be useful to get some feedback from Solr users about needs "in the field".
Please reply to this email and let us know what security aspect(s) would be
most important for your c
12 matches
Mail list logo