[infinispan-issues] [JBoss JIRA] Commented: (ISPN-143) Security needs to be considered

[Aleksander Adamowski (JIRA)]

    [ https://issues.jboss.org/browse/ISPN-143?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12604552#comment-12604552 ] 

Aleksander Adamowski commented on ISPN-143:
-------------------------------------------

I can confirm that the security issue is an important factor.

In our organization, API level access control, usable in standalone server configuration, was one of key factors that influenced the choice of Oracle Coherence (http://coherence.oracle.com/display/COH35UG/access-controller) and Terracotta (much weaker with http://www.terracotta.org/confluence/display/wiki/DEVELOPING+WITH+TERRACOTTA#DEVELOPINGWITHTERRACOTTA-Doyouhaveanexampleofhowtodeliveracacheasaservicetomanyclientapplications%3F and http://www.terracotta.org/confluence/display/docs/JMX+Guide#JMXGuide-JMXAuthentication) over Infinispan as the official standard.




> Security needs to be considered
> -------------------------------
>
>                 Key: ISPN-143
>                 URL: https://issues.jboss.org/browse/ISPN-143
>             Project: Infinispan
>          Issue Type: Feature Request
>            Reporter: Manik Surtani
>            Assignee: Manik Surtani
>             Fix For: 5.2.0.Final
>
>
> We need to consider security for Infinispan.  Storing state on the cloud only makes sense if the data can be secured.  Both encryption and authentication need to be considered, and all levels (wire protocol, cache store, public API, server module, etc) need to be taken in to consideration.

--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira