Embed Size (px)
DESCRIPTION
In the past, many NoSQL systems came with minimal security features and put security functions in the application layer. However, some newer NoSQL databases are supporting fine-grain security policy management. In this webinar we will discuss the trends in NoSQL security and the ability for new releases of some NoSQL databases to address in-database security concerns. We will see how security policies can be migrated from SQL to NoSQL systems.
Citation preview
Migrating Security Policies from SQL
to NoSQL
November 26, 2013With Panelist Adam Retter and Michael Allen
DanAdam Michael
M
D
Summary
• In the past, many NoSQL systems came with minimal security features and put security functions in the application layer. However, some newer NoSQL databases are supporting fine-grain security policy management. In this webinar we will discuss the trends in NoSQL security and the ability for new releases of some NoSQL databases to address in-database security concerns. We will see how security policies can be migrated from SQL to NoSQL systems. We will also be interviewing NoSQL vendors that have added security to the database layer and discuss their experiences with security conscious customers.
2Copyright Kelly-McCreary & Associates
M
D
Four Areas of DB Security
3
Authentication
Are users and requests from the people they claim to be?
Authorization
Can we track who read or updated data and when they did it.?
Encryption
Can we convert data to a form that can not be used by unauthorized viewers?
Do users have read or/write access to the appropriate data?
Audit
Copyright Kelly-McCreary & Associates, LLC
M
D
Security Policies
• Written statements, usually in English language text, that describes how your data is protected
• Examples of policy statements– Passwords must contain at least 6 characters
(Authentication)
– Only "managers" can approve travel requests (Authorization)
– All transactions that change data must be audited (Audit)
– All credit card information must be stored in encrypted fields (Encription)
4Copyright Kelly-McCreary & Associates
M
D
NoSQL Database Patterns
Relational Analytical (OLAP) Key-Value
Column-Family DocumentGraph
key value
key value
key value
key value
5Copyright Kelly-McCreary & Associates, LLC
M
D
Enterprise Security Requrments
6
Must have
single project
Need for in
database
security
Not required
Nice to havemultiple projects
enterprise wide
regulated
multi-division reporting
Enterprise rollout timeline
role-based access control
M
D
Review of RDBMS Security
• Authentication is usually done using
– external client
– internal database login/password
• Authorization is done on tables using DDL
– SQL "GRANT" statements
– Read, write, update, delete
– Views allow fine-grain control rows/columns
– Stored procedures allows "amplified" permissions
• Most RDBMS products have mature audit tools
• Most RDBMS systems use applications to encrypt data
7Copyright Kelly-McCreary & Associates
M
D
Review of Analytical Security
• Focus on who can access what "cubes"
• Some portions of fact tables (dimensions) can be restricted by user or group
• Minimal cell size restrictions in reports to prevent inference
• Example:
– What is the average math score of female Asian children in the 4th grade at this school?
– If there is only a single person in this set the privacy rules will not show any results
8Copyright Kelly-McCreary & Associates
M
D
Most New NoSQL Products
• Did not focus on security in the database
• Focused on application-level security
• Only more mature "release 2.0" systems
tend to add security
• Many regulated business (healthcare,
finance) could not use early NoSQL
systems but are not starting to adopt
NoSQL systems
9Copyright Kelly-McCreary & Associates
M
D
Implementing Security
• Many projects can put security at the application level
• Reporting tools frequently go directly against a database
10
Firewall
Database
Internet App Server
ReportingTools
Firewalls and application servers protect databases from unauthorized access
Reporting tools run directly on a database so the database may need its own security layer
M
D
Simple Circles, Simple Policies
• Simple authorization security policies can be drawn as Venn Diagrams
• Complex security policies have 100s of overlapping circles
11
databaseadministrators
authenticated users
intranet users
general public
M
D
Implementing Auth and Auth
12
Database
Request
Lookup
groups or
roles
Id in
header?
Y
Company
Directory
Get/Put
data
Role has
access to
data?
Y
Login
Login
OK
Database
Return
result
N
Return error
YDeny access
N
N
AuthorizationAuthentication
M
D
Security Grain
13
Data-base
Collection
Document
Element
Course grain access control
– little performance impact
Fine grain access control
– large performance impact
• Version "1.0" of many NoSQL databases only control
access based on collections
• Fine-grain access control can limit performance on
distributed systems
M
D
Collections, Document and Elements
• Applies to some types of NoSQL systems
14
Databasedatabase root collection
department collection
application collection
document
element
M
D
The UNIX file system model
15
• HDFS and eXist-db both support the UNIX security model
owner group others
RWX RWX RWX
110 110 100
The permissions for anyone outside your group are
Read=true, Write=false and Execute=false
The letters RWX are for Read, Write and Execute Permissions
Your own permissions Your group's permissions Everyone else
M
D
Role-Based Security Models
• Sample UML diagram for role-based
security
16
M
D
Simplified RBAC Model
• Role based access control models
decouple the user from the resource
17
User RolePermission
(read, write)
Resource
(collection, document)
Resources are associated with a permission for each role.
Each user has one or moreroles in the database.
Roles are associated with one or more permissions.
M
D
MarkLogic Security Model
• Sample RBAC model in MarkLogic
18
User Role Permission
Roles exist in a hierarchy and lower roles inherit permissions from upper roles.
Document
Collection
Execute Privilege
URI Privilege
Amplified Permission (AMP)
Users and roles both have default permissions for documents and
collections.
Multiple roles can be associated with special privileges on functions, queries and URIs.
Each permission record , stored with a document or collection, associates a single capability(read, write, update or execute) with a single role.
Each document and collection is associated with a URI and permissions.
M
D
Apache Accumulo
• Visibility is a 64-bit field that holds authorization information. Only users that have the right visibility settings can see the value
19
Row IDFamily Qualifier
Timestamp Value
Key
Column
Visibility
M
D
Amazon S3 Security Models
20
Allow
Actions:PutObject
Resourceaws:s3:::bucket_kma/*
IAM Policy
Allow WhoAnnDan
Actions:PutObject
ResourceAws:s3::bucket_kma/*
Bucket Policy
Is the same as
Ann Dan
M
D
eXist-db
Kelly-McCreary & Associates, LLC21
http://exist-db.org
Migrating Security Policies from SQL
to NoSQL
November 26, 2013With Panelist Adam Retter and Michael Allen
DanAdam Michael
M
D
Sample Slides
• Encryption and Security in Accumulo
• Michael Allen
• Sqrrl Data Inc.
• http://www.slideshare.net/DonaldMiner/acc
umulo-oct2013bofpresentation
23Copyright Kelly-McCreary & Associates
M
D
Thank You
• @dmccreary
• @adamretter
24Kelly-McCreary & Associates, LLC
