A Quick Tour of Internal Authentication and Authorization Security in DataStax Enterprise and Apache Cassandra

The article discusses the new internal authentication and authorization features in DataStax Enterprise and Cassandra for version 3.0. These features are designed to address security weaknesses in NoSQL databases. Internal authentication involves managing user login accounts within Cassandra, while external authentication can be done through software like Kerberos or LDAP. Built-in Cassandra-based internal authentication and authorization is not enabled by default but can be easily configured by editing the cassandra.yaml file. Authorization (or permission management) in DataStax Enterprise and Cassandra uses a familiar RDBMS GRANT/REVOKE paradigm, allowing users to grant or revoke permissions on various objects within the database.