Blog

Aerospike 4.6 – Enhancing Enterprise-grade Security and Critical Developer Features

headshot-Srini-Srinivasan-201810-720x720--150x150
Srini Srinivasan
Founder and Chief Technology Officer
July 23, 2019|3 min read
Ronen Botzer
Ronen Botzer
Director of Product
July 23, 2019|3 min read

Aerospike is pleased to announce the availability of Aerospike 4.6 in August of 2019. This release significantly enhances existing enterprise-grade security and delivers critical developer functionality for hyperscale data-intensive applications.

The fast adoption of Aerospike in large enterprise environments is driving the need to support even more security layers and also to support developers with the ability to build even more complex applications. Aerospike has had a strong focus on security since the early releases of the Aerospike database.

Aerospike has been supporting multiple important enterprise-grade security features such as:

  • Authentication

    – Lightweight Directory Access (LDAP)

  • Encryption

    – Support for data encryption-in-motion (TLS 1.2) and data encryption-at-rest (AES-128 and AES-256)

  • Access management

    – Role Based Access Management (RBAC) System

  • Audit

    – granular and configurable audit trails

Building on the existing feature set with Aerospike 4.6 security has been enhanced even further to mitigate insider threats under a zero-trust architecture and help enterprises meet compliance requirements.

New security features include:

  • Kerberos Network Authentication Protocol:

    Provides strong authentication for client/server applications by using secret-key cryptography.

    Kerberos

  • Whitelisting:

    Strong security model which provides granular access restrictions at the domain and user level.

    Whitelist-v4

  • Write-Only Roles: Provides role level access controls for reporting into Aerospike but not reading data.

Write-only-Access-v4

Some use cases that are enabled by the above features include deployment configurations that have security domains with different access rights within a single organization. For example, a user can be authorized to write data that is classified as highly secure but is not allowed to read data submitted by others with the same highly secure classification. Individual domains and users can also be selectively restricted to access only certain sets of data. Therefore, these features allow Aerospike to be used for fine grained security models in highly secure organizations.

Developer Features

Aerospike 4.6 also been investing heavily in features for developers. Aerospike’s client libraries include a REST client, Java, C, Python, Go and a number of other popular clients. Aerospike has also supported a rich API for Complex Data Types (List and Map) since 2015.Aerospike 4.6 continues to make it easier to develop more sophisticated complex data models in support of applications requiring performance at hyperscale. New developer features include support for:

Nested Complex Data Types: Enables the application of popular List and Map atomic operations on deeply nested data structures. This gives the Aerospike key-value database a more complete document-store functionality.

Nested-CDTs-v3

Bitwise Operations: Adds atomic operations to be used on Binary Large Objects (BLOBs). Modeling daily/monthly active users, user segments, and bitfields using bitwise operations is enhanced by the enterprise compression feature to squeeze logical data into a much smaller storage footprint on SSD.

Bitwise-blob-v1

Useful Links: Press Release

Product Page: Aerospike Database

Solution Brief: Aerospike Enterprise Edition Database Solution Brief