Security

GigaSpaces secures data in transit and data at rest, utilizing the Spring Security framework for highly customizable authentication and access control for Java applications, in addition to protection from cyber attacks. A Spring-based security bridge enables an extensible implementation to LDAP (Lightweight Directory Access Protocol) or database authentication.

Sensitive data can be kept in the space in encrypted format, and be decrypted on the client side when the required key is supplied, at the table and column level. GigaSpaces’s Data at Rest Encryption can be based on Spring Security On-Prem Encryption Options or integrate with Native Cloud encryptions such as AWS EC2 Encryption, S3 SSE, GCP Encryption, and more.

Both models support AES level cipher encryption with integration to external Key management Infrastructure, such as AWS KMS.

GigaSpaces uses multi-tier security architecture, with Role Based Access Control (RBAC) and promotes segregation of duties and supports SSO integration. It supports oAuth 2.0 Login, SAML 2.0 Login, OAuth 2.0 Login, OpenID Authentication and additional Pre-Authentication Scenarios such as SiteMinder and a number of other authentication mechanisms.

Extensive log viewers are available in the Ops Manager for review and monitoring by CISOs, Information Security Directors and others, to provide insights into data, services and system KPIs. The log files can be customized for GS managers, GSA, and Web-UI, including log levels of Warning, Info, Debug and more.

cpu blocks

GigaSpaces offers comprehensive security coverage:

plane-icon

Data layer: Declare a secured space or a stateless/stateful services, with regards to CRUD operations; includes various interfaces such as Client SDK (JAVA and .NET) RESTFul APIs, Command Line Interface (CLI) and Web UI (Ops Manager)

plane-icon

Management layer: Declare the data store management as secured, which includes the management operations, i.e. deploy/undeployed a function

plane-icon

Transport layer: Provides a generic network encrypted protocol with SSL/TLS support

plane-icon

Secured Data Functionality: focused on maintaining data confidentiality; provides a mix of data at rest encryption options for on-premises, cloud and hybrid configurations

InfoWant to learn more?

|

Download GigaSpaces Security Technical Paper

Read Now