The GridGain Enterprise Edition, built on Apache Ignite, includes security features that prevent unauthorized access to remote clients and other cluster members. The security features protect your business data against malicious attacks. In a distributed environment, since the cluster nodes communicate with each other over a network, lack of security can make the cluster vulnerable to attacks. If your organization stores critical data in distributed memory, securing access is crucial.
The GridGain Enterprise Edition Enterprise-Grade security solution provides pluggable authentication and authorization mechanisms. It also includes full security auditing capabilities which allow you to recreate any event in the system and trace it back to the user responsible for the event. To achieve fine-grained authorization, the GridGain Enterprise Edition security feature supports configuring various cache, task, and system level permissions. These features are not available in Apache Ignite.
GridGain Enterprise Edition Security Features
The GridGain Enterprise Edition provides multiple features for securing your data:
Transmitting data between GridGain nodes, over the network, can be protected with SSL. GridGain supports using SSL security that allows GridGain nodes to communicate with each other over a secure connection. This ensures that you are connected to the right nodes and keeps your data secure from hackers during transit between the cluster nodes. When configured with this security feature, GridGain encrypts all messages exchanged between the nodes, protecting the data from unauthorized users / malicious hands, even if it is stolen. GridGain supports various encryption algorithms to suit your application needs.
Pluggable Authentication and Authorization - JAAS, LDAP, JNDI, Kerberos
GridGain provides a pluggable Authenticator allowing users to plugin any of their existing authentication mechanisms into GridGain. It supports out of the box passcode-based and JAAS-based authentication. Through a JAAS-based implementation, GridGain is able to automatically support JNDI, LDAP, Active Directory, and any other JAAS-compliant authentication and authorization mechanisms. Once authenticated, a subject – remote node or client – is given a preconfigured list of authorized permissions. GridGain also allows for manual authorization checks from the user code whenever custom logic is required.
In-Cluster Node and Client Authentication
When GridGain security is turned on, any node (server or client) trying to join the cluster must be authenticated which prevents unauthorized access to the cluster and cached data. During authentication, GridGain checks that all server nodes are configured with the same authenticator. GridGain also supports authentication validation via a custom token. GridGain provides two ways to authenticate and authorize a subject (node or client) out of the box: JAAS Authentication and Passcode Authentication. All security credentials can be conveniently configured via code or Spring XML. Users can also plugin their own authentication and authorization logic, whenever custom behavior is required.
Cache, Task, and System Level Permissions
GridGain provides a preconfigured list of authorized permissions that can be assigned to any authenticated remote node or client. These permissions provide fine-grained control and can be set for any of the data read or write or admin operations: put, get, remove, closure or task execution, data querying and viewing, as well as administration and monitoring. Most of the permissions can be set on a per-cache level which provide users with the flexibility to have, for example, read and write permissions for one cache and only query permissions for another. Administrators and developers can also use the GridGain Visor monitoring and management tool to set all the available security permissions.
In multi-tenant applications, data subsets that belong to different tenants must be isolated from each other. GridGain supports isolation by creating separate caches for each different tenant and assigns proper security permissions to each cache. Since caches can be created and destroyed on demand dynamically, you do not have to preconfigure caches for all tenants. A new cache (or caches) should be created for any new tenant added to the system. Permissions for the tenant's users should be modified to allow access to these new caches and access to all other caches should be denied. These permissions guarantee that other tenants will never read or update data of this new tenant.
GridGain has multiple audit mechanisms that ensure that every event occurring in the system is traceable. The auditing function ensures that every event captures information about the party responsible for the event by storing authenticated subject ID. In addition to the username, every event also contains the responsible party’s IP address, cluster member’s IP address, and affected data before and after the change. In case one event is caused by another event, the child event will have audit information about the parent event. GridGain allows users to trace data accessed from server nodes as well as client-side near caches. GridGain also provides a pluggable mechanism for users to log (audit) events in any desired format to any underlying storage system, be that a file system or any database.