Pentaho Data Integration - Kettle

As an Administrator, I want to avoid a JVM dump or define in memory encryption of data

Details

  • Type: New Feature New Feature
  • Status: Open Open
  • Priority: Severe Severe
  • Resolution: Unresolved
  • Affects Version/s: 4.1.2
  • Fix Version/s: Future Release
  • Component/s: API
  • Labels:
  • Customer Case:
  • QA Validation Status:
    Not Yet Validated

Description

Use case is for security reasons, avoid dumping the JVM memory etc.

Ideas:
- We may think of a new storage type, delete temporarily unencrypted objects after their usage, eventually involve GC.
- Or even think of a pluggable data policy on the row level. (e.g. custom plug-in checks at first time of object creation if this field (e.g. defined by the field name or other criteria defined by the custom plug-in) is defined as sensitive data and need to be encrypted).

Issue Links

This issue relates to:
PDI-6774 As an ETL-Administrator, I want to set some security restrictions by a security level Medium Open

Activity

Ascending order - Click to sort in descending order
Hide
Permalink
Matt Casters added a comment - 09/May/11 2:43 AM - edited
I don't even know what all this means. In general a user either has access to the VM or not. If access is possible there is no telling what you can do.
That's simply the end of the story. There are no work-arounds or whatever to make that any harder.
In-memory encryption is no use if the decryption algorithm is somewhere available to the VM.
Show
Matt Casters added a comment - 09/May/11 2:43 AM - edited I don't even know what all this means. In general a user either has access to the VM or not. If access is possible there is no telling what you can do. That's simply the end of the story. There are no work-arounds or whatever to make that any harder. In-memory encryption is no use if the decryption algorithm is somewhere available to the VM.
Hide
Permalink
Marc Batchelor added a comment - 18/May/11 9:46 AM
My research shows that the only way to protect yourself from people examining a heap dump to prevent heap dumps:

1- -XX:HeapDumpPath=/dev/null

2- In *nix systems, you can disable all core dumps (not java specific) with (the -H is a hard limit):
ulimit -c -H 0
Show
Marc Batchelor added a comment - 18/May/11 9:46 AM My research shows that the only way to protect yourself from people examining a heap dump to prevent heap dumps: 1- -XX:HeapDumpPath=/dev/null 2- In *nix systems, you can disable all core dumps (not java specific) with (the -H is a hard limit): ulimit -c -H 0

People

Vote (0)
Watch (1)

Dates

  • Created:
    08/May/11 10:04 AM
    Updated:
    05/Oct/11 3:57 AM
Atlassian JIRA (4.3.x) | Report a problem
Powered by a free Atlassian JIRA open source license for Pentaho.org. Try JIRA - bug tracking software for your team.