Skip to content

devdattakulkarni/Cassandra-KVAC

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

12 Commits

.externalToolBuilders

.externalToolBuilders

 
 

.settings

.settings

 
 

bin

bin

 
 

build

build

 
 

conf

conf

 
 

contrib

contrib

 
 

debian

debian

 
 

doc/cql

doc/cql

 
 

examples

examples

 
 

interface

interface

 
 

lib

lib

 
 

redhat

redhat

 
 

src

src

 
 

test

test

 
 

tools

tools

 
 

#build.xml#

#build.xml#

 
 

.classpath

.classpath

 
 

.project

.project

 
 

.project~

.project~

 
 

.rat-excludes

.rat-excludes

 
 

CHANGES.txt

CHANGES.txt

 
 

LICENSE.txt

LICENSE.txt

 
 

NEWS.txt

NEWS.txt

 
 

NOTICE.txt

NOTICE.txt

 
 

README.txt

README.txt

 
 

build.properties.default

build.properties.default

 
 

build.xml

build.xml

 
 

junitvmwatcher6963184783275561645.properties

junitvmwatcher6963184783275561645.properties

 
 

Repository files navigation

Cassandra-KVAC is implementation of Cassandra with the Key-Value Access Control Model (K-VAC).

Description and details about the K-VAC model can be found in:

https://github.com/devdattakulkarni/KVAC/tree/master/docs/kvac-model.pdf

Starting from the main Cassandra code base, we have added functionality
to support fine-grained access control model (K-VAC) for Cassandra.
In K-VAC, access control policies can be specified at the level of
rows and columns, along with keyspace and a column family.
Moreover, K-VAC supports content-based and context-based access control.

Design
-------
We define a new class called KVACAuthority in the org.apache.cassandra.auth package 
which enforces the K-VAC policies. The KVACAuthority implements the IAuthority interface.

To use K-VAC for access control, change the creation of authority in the 
DatabaseDescriptor class from SimpleAuthority to KVACAuthority.
To demonstrate use of K-VAC we have modified the ``get_slice'' method and 
the ``internal_get'' method of the CassandraServer class which is present in the org.apache.cassandra.thrift package.

The K-VAC policies are specified in XML. A sample policy file (Policy.xml)
is provided in conf directory.

Running Cassandra with K-VAC for the example Policy:
------------------------------------------------------
1) Run CassandraDaemon with the following VM arguments:
   -Dstorage-config=/Users/devdatta.kulkarni/Documents/Cassandra/apache-cassandra-0.8.6-src/conf
   -Dcassandra-foreground 
   -ea -Xmx1G
   -Daccess.properties=/Users/devdatta.kulkarni/Documents/Cassandra/apache-cassandra-0.8.6-src/conf/Policy.xml
   -Dpasswd.properties=/Users/devdatta.kulkarni/Documents/Cassandra/apache-cassandra-0.8.6-src/conf/passwd.properties

   This will start Cassandra Cluster on port 9170.

2) Go to cassandra's bin directory:
   
3) Execute: ./cassandra-cli

4) Connect to the cassandra cluster started in step 1:
   - connect localhost/9170 devdatta 'devdatta';

5) Create keyspace PatientInfoSystem:

6) Specify the Keyspace to use:
   - use PatientInfoSystem;

7) Execute a get:
   - get Doctor[jsmith];

DISCLAIMER:
------------
This code is currently at an experimental stage. PLEASE DO NOT use it for 
any critical projects. If you are looking for official version of Cassandra,
it can be found at:

http://cassandra.apache.org/

About

No description, website, or topics provided.

Resources

Readme

License

Apache-2.0 license
Activity

Stars

1 star

Watchers

3 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

  •  
  •  

Languages