You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
A current limitation I see on some data grid implementations is the lack of an authentication scheme when a node joins a cluster.
This can be a huge security problem, since you need a way to ensure that all the nodes on a cluster are putting only valid data on the grid, and not malicious content, since the broadcast mechanism usually is something like jGroups, that does not forces any authentication scheme to any process which sends content to a given group.
I don't know if the best choice consists on ensure authentication/authorization on every change to the data stored on the grid, but at least an authentication scheme should be implemented.
The text was updated successfully, but these errors were encountered:
A current limitation I see on some data grid implementations is the lack of an authentication scheme when a node joins a cluster.
This can be a huge security problem, since you need a way to ensure that all the nodes on a cluster are putting only valid data on the grid, and not malicious content, since the broadcast mechanism usually is something like jGroups, that does not forces any authentication scheme to any process which sends content to a given group.
I don't know if the best choice consists on ensure authentication/authorization on every change to the data stored on the grid, but at least an authentication scheme should be implemented.
The text was updated successfully, but these errors were encountered: