NCache 4.4 - Online Documentation

Overview

 
Security
 
A distributed cache operates in an environment that many different users can reach; without restrictions, any user can change the cache configuration, perform any management operation, or access cache data. Cache security becomes a concern when the data being handled is critical, or when administrative access to the cache should be granted only to a list of authenticated users. NCache security addresses this by providing different cache access levels, meeting the need for a secure distributed caching system.
 
NCache provides a security feature with different levels of granularity that can be implemented as per requirements.
 
The NCache security feature incorporates security at two distinct access levels:
 
  • Administrative/Management Level
  • Cache API Level
 
These levels of security are intended to secure both management and client level access to your cache. By default, the security feature is disabled for both access levels.
 
i. Administrative/Management Level Security
 
Management level security in NCache ensures that a remote cluster node is protected from any unauthorized user access. It is used to validate authorized users that have access to perform any management operation on a cluster node. To secure the overall multi-node cache cluster, security must be enabled on each individual node of the cluster.
 
Please see how to configure security to learn more about security configuration.
 
Once management level security is configured on a server node so that only a few users have administrative permissions, no users other than those specified can perform management operations on that node, such as creating a new cache, removing/adding an existing cache, or starting/stopping a cache.
 
Privileged Windows Administrator
 
Users other than those configured as node administrators are not permitted to perform any management-related operation on the node. But there is one exception:
 
"A user is also granted administrative permissions if the provided credentials are valid local system administrator credentials."
 
This means that a local Windows administrator always has administrative rights and permissions, whether the management operation is performed locally or from any other server node, using local Windows credentials. So if a node is not authorized as an administrator and that node is being used to perform an operation on a personal machine, all that is needed to perform a remote management operation on that system is to provide valid system credentials. The configured administrator list is therefore not the complete set of accounts that can manage a node: the local administrator accounts on that machine must be counted as well.
 
ii. Cache API level Security
 
Cache level security in NCache ensures that cache data is protected from any unauthorized user access. Cache API level security is used to validate authorized users who try to establish a connection with the cache via the NCache API. By enabling cache level security, clients’ access to cluster cache data, for either reading or writing, can be controlled. Only clients that are verified as valid, authenticated users are allowed to perform cache level operations.
 
Once cache level security is configured on a cache so that only a few users have cache API authorization, no users other than those specified can perform cache operations on that cache, such as initializing the cache, adding/updating data in the cache, or removing/fetching any data.
 
If security is enabled on a cache, then credentials must be provided along with the initialize cache call to establish a connection.
 
Authentication and Authorization
 
NCache security ensures that only authenticated and authorized connections to the cache are accepted either for cache usage or for administration. All other connections are rejected.
 
  • Authentication
 
NCache uses system level and Active Directory authentication to verify connection identity. When NCache security is enabled, all connections to the cache cluster must first be authenticated against Active Directory at the cache server. If Active Directory authentication fails, system authentication is carried out, but only if a management operation is requested on the cache.
 
Credentials must be provided at the time of establishing a connection to the cache. If these credentials cannot be authenticated, the connection request is denied. User credentials can be specified in the following places:
 
  • NCache client configuration files.
  • When calling the NCache.InitializeCache(…) API from the client’s application.
  • In NCache Manager for administering the cache.
 
  • Authorization
 
After NCache authenticates a connection to the cache successfully, it checks the NCache security configuration files at the cache server in order to authorize this connection.
 
Each connection to the cache can be categorized as one of the following:
 
  • User: The user can access the cache for read/write but cannot administer it. A user is defined at cache level.
  • Admin: The admin can access the cache for read/write and can also administer it. An “admin” is defined at cache server level.
 
If an Admin connection is authenticated as a local system administrator, it is considered an authorized connection without looking up the configuration files.
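 
The authentication and authorization order described above, as an added Python model that is not NCache code and does not use the NCache API. The Node class, the account names and the passwords are constructed for illustration, and the model assumes security is enabled at both access levels.

```python
# Added illustration, not NCache code: a small model of the connection checks
# described above. Every name and account below is hypothetical/constructed.
from dataclasses import dataclass, field

@dataclass
class Node:
    ad_accounts: dict        # stand-in for Active Directory: account -> password
    local_admins: dict       # stand-in for local Windows administrator accounts
    node_admins: set = field(default_factory=set)    # "Admin": cache server level
    cache_users: dict = field(default_factory=dict)  # "User": cache id -> accounts

def _valid(store, account, password):
    return account in store and store[account] == password

def authenticate(node, account, password, management):
    """Active Directory first; system authentication only for management."""
    if _valid(node.ad_accounts, account, password):
        return "active-directory"
    if management and _valid(node.local_admins, account, password):
        return "local-system-admin"
    return None

def authorize(node, account, password, operation, cache_id=None):
    """operation: 'manage' (create/start/stop a cache) or 'data' (cache API)."""
    management = operation == "manage"
    method = authenticate(node, account, password, management)
    if method is None:
        return (False, "authentication failed")
    if method == "local-system-admin":
        # Authorized without consulting the security configuration.
        return (True, "local system administrator")
    if account in node.node_admins:
        return (True, "configured admin")  # admins manage and read/write
    if not management and account in node.cache_users.get(cache_id, set()):
        return (True, "configured cache user")
    return (False, "authenticated but not authorized")

def effective_admins(node):
    """Accounts able to administer the node, whatever the configured list says."""
    return set(node.node_admins) | set(node.local_admins)

# Constructed sample node: one configured admin, one cache user, one local admin.
NODE = Node(
    ad_accounts={"CORP\\alice": "a-pw", "CORP\\bob": "b-pw", "CORP\\carol": "c-pw"},
    local_admins={"CACHE01\\Administrator": "l-pw"},
    node_admins={"CORP\\alice"},
    cache_users={"orders": {"CORP\\bob"}},
)
```

Running effective_admins(NODE) lists the local administrator account next to the configured admin, which is the set to review when auditing who can manage a node.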
 
Data Encryption
 
In a distributed environment, caching systems mostly interact over network channels to transfer data between clients and remote servers. The data travels and resides in the cache in its original form, and anyone eavesdropping on a connection can easily intercept it if it is not encrypted. The data encryption feature provided by NCache secures sensitive data by reducing the security risk of data traveling through the network or being stored in the cache unprotected.
 
NCache provides a rich set of encryption algorithms that are nearly impossible to break. This ensures that sensitive data is well protected. NCache provides the following encryption algorithms to choose from:
 
  • 3DES: very strong 168-bit encryption
  • AES-128: very strong 128-bit encryption
  • AES-192: very strong 192-bit encryption
  • AES-256: very strong 256-bit encryption
 
NCache data encryption and decryption occur inside the NCache client application process. This means that data traveling over the network between the application and the cache cluster is already encrypted. Similarly, only encrypted data is stored in the cache store.
 
Encryption can be enabled through NCache management tools without any programming effort. To learn how to enable encryption, please see configuring encryption for cache.
 
Once encryption is enabled, the NCache client automatically starts encrypting objects before sending them to the cache cluster, and automatically decrypts objects fetched from the cache before delivering them to the application.
 
If NCache encryption is enabled, data associated with all of the following operations is encrypted:
 
  • Data being transacted.
  • Data traveling via network.
  • Data being loaded via cache startup loader.
  • Data in cache queues, buffers, etc.
 
NCache uses an encryption key that is kept, in encrypted form, inside the NCache security configuration files at each cache server. The encryption key is automatically sent to clients, to be used in memory, upon a successful connection.
 
 