GigaSpaces secures data in transit and data at rest, utilizing the Spring Security framework for highly customizable authentication and access control for Java applications, in addition to protection from cyber attacks. A Spring-based security bridge enables an extensible implementation to LDAP (Lightweight Directory Access Protocol) or database authentication.
Sensitive data can be kept in the space in encrypted format, and be decrypted on the client side when the required key is supplied, at the table and column level. GigaSpaces’s Data at Rest Encryption can be based on Spring Security On-Prem Encryption Options or integrate with Native Cloud encryptions such as AWS EC2 Encryption, S3 SSE, GCP Encryption, and more.
Both models support AES level cipher encryption with integration to external Key management Infrastructure, such as AWS KMS.
GigaSpaces uses multi-tier security architecture, with Role Based Access Control (RBAC) and promotes segregation of duties and supports SSO integration. It supports oAuth 2.0 Login, SAML 2.0 Login, OAuth 2.0 Login, OpenID Authentication and additional Pre-Authentication Scenarios such as SiteMinder and a number of other authentication mechanisms.
Extensive log viewers are available in the Ops Manager for review and monitoring by CISOs, Information Security Directors and others, to provide insights into data, services and system KPIs. The log files can be customized for GS managers, GSA, and Web-UI, including log levels of Warning, Info, Debug and more.