[MDEV-4631] CassandraSE: Encrypted column data type Created: 2013-06-10 Updated: 2017-02-01 Resolved: 2017-02-01 |
|
| Status: | Closed |
| Project: | MariaDB Server |
| Component/s: | Storage Engine - Cassandra |
| Fix Version/s: | N/A |
| Type: | Task | Priority: | Minor |
| Reporter: | VAROQUI Stephane | Assignee: | Unassigned |
| Resolution: | Won't Fix | Votes: | 1 |
| Labels: | cassandra | ||
| Issue Links: |
|
||||||||
| Description |
|
For PCI/DSS it required to store SHA1 keys in a separate server. We can propose Cassandra integration as a remote HA storage holding secret keys. Cassandra store in a column family a pre generated dictionary of keys. Custom column data type store encrypted values and in a header the key of Cassandra column family. On write in the column the Cassandra key should be randomly changed using a function hold in cache for period of time. We re generate the function reading some informations in the status table that should give a level of randomness to avoid dictionary attacks |
| Comments |
| Comment by roberto spadim [ 2013-08-17 ] |
|
please check if we should consider this one a "blocked by" |
| Comment by Sergei Petrunia [ 2017-02-01 ] |
|
Changing status to Wont-Fix as there is no work planned on Cassandra-SE currently |