Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-4631

CassandraSE: Encrypted column data type

Details

    Description

      For PCI/DSS it required to store SHA1 keys in a separate server. We can propose Cassandra integration as a remote HA storage holding secret keys.

      Cassandra store in a column family a pre generated dictionary of keys.

      Custom column data type store encrypted values and in a header the key of Cassandra column family.

      On write in the column the Cassandra key should be randomly changed using a function hold in cache for period of time. We re generate the function reading some informations in the status table that should give a level of randomness to avoid dictionary attacks

      Attachments

        Issue Links

          Activity

            please check if we should consider this one a "blocked by" MDEV-4912, or if we will implement this as a "native" field type

            rspadim roberto spadim added a comment - please check if we should consider this one a "blocked by" MDEV-4912 , or if we will implement this as a "native" field type

            Changing status to Wont-Fix as there is no work planned on Cassandra-SE currently

            psergei Sergei Petrunia added a comment - Changing status to Wont-Fix as there is no work planned on Cassandra-SE currently

            People

              Unassigned Unassigned
              stephane@skysql.com VAROQUI Stephane
              Votes:
              1 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Git Integration

                  Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.