Loading...

Apply template

XML

Word

Printable

Details

Type: New Feature
Resolution: Can't Fix
Priority: Critical
Fix Version/s: 0.24.0
Affects Version/s: None
Component/s: None
Labels:
None

Platform:
All
Resolution comment:

Hide

since tcomp is a volatile storage the deployment must ensure the transport is secured (https at least) and the storage is not under tcomp responsability so this ticket does not need more work

Show
since tcomp is a volatile storage the deployment must ensure the transport is secured (https at least) and the storage is not under tcomp responsability so this ticket does not need more work
Sprint:
0.18.0
GreenHopper Ranking:
0|i0yoln:
GreenHopper Ranking (Obsolete):
9223372036854775807
Project Size:
Small

Story Points:
40

Description

Handle encryption / decryption (crypto in general) of properties at runtime (supporting on-premise like JKS/HadoopKMS & cloud like crypto service/AWS KMS)

Crypto Service from PlatformServices description: https://in.talend.com/15993165

Products:
Data Streams, Data Prep, Data Catalog (maybe Talend 7)

What should be encrypted:
Only credentials at first

Important note:
Encrypt and decrypt operations could be done in different places in the architecture
encrypt in within applicative services, decrypt will be in runtime (in the job)

Key management:
Will be used what is provided by Platform Services

local based on JKS
based on AWS KMS service

Steps:

Provide method to collect and set sensitive data from Properties instance
Extend crypto client with method to encrypt/decrypt properties
Use extended crypto client in TCOMP

Attachments

Activity

People

Assignee:: Ivan Gonchar

Reporter:: michael hirt

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 30/Jan/17 2:46 AM

Updated:: 16/Oct/18 5:34 PM

Resolved:: 16/Oct/18 5:34 PM

Time Tracking

Estimated:

Not Specified

Remaining:

Logged:

1d 1h