qpid-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Rob Godfrey (JIRA)" <j...@apache.org>
Subject [jira] [Created] (QPID-6017) [Java Broker] Provide a mechanism by which "secure" attributes in the configuration can be encrypted
Date Mon, 18 Aug 2014 22:31:23 GMT
Rob Godfrey created QPID-6017:
---------------------------------

             Summary: [Java Broker] Provide a mechanism by which "secure" attributes in the
configuration can be encrypted
                 Key: QPID-6017
                 URL: https://issues.apache.org/jira/browse/QPID-6017
             Project: Qpid
          Issue Type: Improvement
          Components: Java Broker
            Reporter: Rob Godfrey
            Assignee: Rob Godfrey


Attributes in the configuration which contain confidential information such as passwords are
annotated as "secure" in their definition.  This is used to prevent their disclosure through
querying operations.  

However it may be the case that this information needs to be encrypted even within the configuration
store.  In this case the key material needed to decrypt the confidential information must
be held outside the configuration mechanism (otherwise we are just shifting the problem around).

Deployment environments may have site specific mechanisms my which encryption may occur, so
the encryption mechanism must be pluggable and configurable at the broker (and potentially
at the virtual host node) level.



--
This message was sent by Atlassian JIRA
(v6.2#6252)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org
For additional commands, e-mail: dev-help@qpid.apache.org


Mime
View raw message