Question about security

Gary Smith gary.smith at holdstead.com
Wed Jan 12 13:17:14 EST 2011


> Hi,
> 
> Newbie question. I am trying to find documentation about Riak security.
> I have seen
> http://wiki.basho.com/Network-Security-and-Firewall-Configurations.html,
> but I could not find much on access control.
> 
> Is it possible to secure access to Riak nodes? Does it offer something
> similar to http://srp.stanford.edu/ (i.e. remote login)?
> 
> I read somewhere that Riak does not use encryption for exchange between
> nodes. Is this (still) correct? What about communication with users
> applications?
> 
> If the answer to the above question is no, then how can one secure a
> Riak system properly?
> 

Put an apache (or whatever) server in front and proxy the requests accordingly and setup the security through the underlying web service.  


You -> [ apache -> riak ] (where [] is the box).

Or

You -> apache -> riak (where riak only allows requests from the apache server via the firewall on the riak server -- such as iptables)

The same problem exists in technologies like memcached.   



More information about the riak-users mailing list