Skip to Main Content
ARIS - SHARE YOUR IDEAS
How can we make ARIS better?
Status Shipped
Created by Guest
Created on Mar 22, 2022

Harden ARIS


Harden ARIS by addingencryption to all ARIS communication.

Zookeeper, elasticsearch must communicate with other runnables in the same or other available nodes. Please harden the runnables by enabling SSL (encryption at all possible levels). Security is not one thing, security is a series of steps. Therefore SSL would be one of many, but SSL is a good start.


Example:

https://www.kroll.com/en/insights/publications/cyber/enhanced-elasticsearch-security

https://www.elastic.co/guide/en/elasticsearch/reference/current/get-started-enable-security.html

ARIS service release 10.0.13 provides login and password as a control method, but its on the open. Any sniffer can see the communication.


Brainstorm ID 8490
Created on Brainstorm 09/21/2020 09:37 AM