Securing your MongoDB Implementation, Mark Hillick

Securing MongoDB 2.2
• Authentication – Simple user/password scheme stored in MongoDB
• Authori(s|z)ation – Per database: no access, read, or read-write
• Auditing – Very little

MongoDB SSL
• Keyfile establishes trust
• http://docs.mongodb.org/manual/administration/ssl/
• SSL encryption for client connection
• SSL encryption for inter-server traffic
(Diagram: Application – Primary – Secondary, each server with its Data Files)

Authentication with password hash
• Use one-way function F
Client: I am “[email protected]”, let me in
mongod: Prove it, here is a random # N
Client: Here is F(N, hash())
mongod: Nobody else could know that, welcome back marko!
• mongod knows only my password hash
• Hash never transmitted over the network!
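The exchange on this slide, as an added Python illustration of the MONGODB-CR scheme MongoDB 2.x used (not the presentation's own code; the NonceServer class is a hypothetical stand-in for mongod, which holds only each user's digest):

```python
import hashlib
import hmac
import secrets

# Stored credential, as kept in system.users for MONGODB-CR in 2.x:
# md5(user + ":mongo:" + password); the plaintext password is never stored.
def password_digest(username: str, password: str) -> str:
    return hashlib.md5(f"{username}:mongo:{password}".encode()).hexdigest()

# The client's answer F(N, hash()): md5(nonce + user + stored digest).
def client_response(nonce: str, username: str, pwd_digest: str) -> str:
    return hashlib.md5(f"{nonce}{username}{pwd_digest}".encode()).hexdigest()

class NonceServer:
    """Hypothetical stand-in for mongod: knows only each user's digest."""

    def __init__(self, users: dict) -> None:
        self.users = users          # username -> password_digest
        self.pending = {}           # username -> outstanding nonce

    def getnonce(self, username: str) -> str:
        nonce = secrets.token_hex(8)     # fresh random N for this attempt
        self.pending[username] = nonce
        return nonce

    def authenticate(self, username: str, key: str) -> bool:
        nonce = self.pending.pop(username, None)   # a nonce is single-use
        digest = self.users.get(username)
        if nonce is None or digest is None:
            return False
        expected = client_response(nonce, username, digest)
        return hmac.compare_digest(expected, key)

def login(server: NonceServer, username: str, password: str):
    """Run one exchange; return (accepted, messages seen on the wire)."""
    nonce = server.getnonce(username)
    key = client_response(nonce, username, password_digest(username, password))
    wire = [f"getnonce -> {nonce}", f"authenticate {username} key={key}"]
    return server.authenticate(username, key), wire

def demo() -> dict:
    digest = password_digest("marko", "correct horse")   # constructed sample
    server = NonceServer({"marko": digest})
    ok, wire = login(server, "marko", "correct horse")
    bad, _ = login(server, "marko", "wrong password")
    # A key captured from the wire is useless against a fresh nonce.
    server.getnonce("marko")
    replay = server.authenticate("marko", wire[1].split("key=")[1])
    return {"ok": ok, "bad": bad, "replay": replay,
            "digest_on_wire": any(digest in m for m in wire)}
```

The point of the demo: only the nonce and the per-attempt key cross the wire, the stored digest never does, and a captured key does not work a second time.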

External Authentication
• Use common / standardized authentication
• SASL: Simple Authentication and Security Layer
  – Framework for building authentication
• Kerberos
  – GSSAPI, drivers will be updated
  – Mixed system.users can work during transition

Authentication with Kerberos
1. Client → KDC (UDP:88): I am “[email protected]”, help me prove it to mongod
2. KDC → Client: Here is a TGT
3. Client → mongod (TCP:27017): Here is a Kerberos TGT
4. mongod → Client: Welcome, here is a Service Ticket!
(mongod holds a Keytab)
User document: { user: "[email protected]", roles: ["readWrite"], userSource: "$external" }

ADMIN DB
• clusterAdmin
• AnyDatabase
(Image source: https://wellsted135.files.wordpress.com/2012/10/special.gif)

Super-User
• userAdmin & userAdminAnyDatabase are super-users
• Only these users can view details about other users – system.users collection

Roles per database
• DB Admin: userAdmin – I can do anything, but I won’t be required to do much
• DB Admin: clusterAdmin – I can add and remove shards
• DB Accounts: userAdmin – I can create new users, but I can’t grant them privileges to other DBs
• DB App: userAdmin – I can grant privileges to the App DB only
• DB App: dbAdmin – I can create indices, set profiling, compact

Credentials from the Accounts DB
In App.system.users:
  { user: "fred", userSource: "Accounts", roles: [ "userAdmin" ] }
  { user: "george", userSource: "Accounts", roles: [ "dbAdmin" ] }
• Each DB’s userAdmin gets to grant privileges separately
• DB App: userAdmin – I can grant privileges to the App DB only
• DB App: dbAdmin – I can create indices, set profiling, compact

MongoDB Partners with Gazzang
• File System Encryption
• 5% performance hit with HDD, 10-15% with SSD
(Diagram: OS – File System, all contents encrypted – Gazzang – Gazzang Key Mgmt)

Documentation
Manual – http://docs.mongodb.org/manual/security/
• Security Features within MongoDB
• Best Practices & Strategies
• Tutorials
• Vulnerability Notifications

Disclaimer
Statements about future releases, availability dates, and feature content reflect plans only, and 10gen is under no obligation to include, develop or make available, commercially or otherwise, any specific feature discussed in a future MongoDB build. Information is provided for general understanding only, and is subject to change at the sole discretion of 10gen in response to changing market conditions, delivery schedules, customer requirements, and/or other factors.

Conclusion
• 2.2 wasn’t great
• 2.4 is much better & Enterprise-Level
• Authentication & Authori(s|z)ation
• Within & Outside