You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Version 1 Next »

Current state: Under Discussion

Summary


To support authentication by username/password when accessing milvus instance.

Motivation


There is no basic security model for milvus instances currently. Users can access any milvus instance once they have the address by any milvus sdk.
This project aims to support basic authentication with username/password. Clients need to provide username and password when accessing the milvus instance.

Design Details


Since grpc requests all handled by proxy, we will do the authentication in the proxy component. Logging in to the milvus instance will follow the processes below:

  1. Create credential for each milvus instance and store encrypted password in etcd. Here we use package bcrypt for encrypting the password which implements Provos and Mazières's adaptive hashing algorithm.
  2. Client sends credential when connecting milvus instance.
  3. Proxy component intercepts the request and verify the credential.


Etcd model for credentials:

Key: ${prefix}/credentials/users/${username}
Value: {"password": ${encrypted_password}, ...}


Interface for operating credentials:


struct Credential {
	username string,
	password string
}

func NewCredential() (bool,error)
func ListCredential() []Credential
func GetCredential(username string) *Credential
func UpdateCredential(cred Credential) (bool,error)
func DeleteCredential(username string) (bool,error)





This project also aims to provide HTTPS transport security, and it takes several certificate related configuration options, either through command-line flags or environment variables:
--cert-file=<path>: Certificate used for SSL/TLS connections to milvus.
--key-file=<path>: Key for the certificate. Must be unencrypted.
--client-cert-auth: When this is set milvus will check all incoming HTTPS requests for a client certificate signed by the trusted CA, requests that don’t supply a valid client certificate will fail.
--trusted-ca-file=<path>: Trusted certificate authority.
--auto-tls: Use automatically generated self-signed certificates for TLS connections with clients.

Test Plan


Case 1: create credentials for milvus

  1. Access with correct credentials should succeed
  2. Access with incorrect credentials should fail
  3. Access without credentials should fail


Case 2: no credentials created for milvus

  1. Access without credentials should succeed
  2. Access with credentials should fail


Case 3: https enabled for milvus

  1. Access with correct certificates should succeed
  2. Access with incorrect certificates should fail
  3. Access without any certificates should fail


Case 4: https not enabled for milvus

  1. Access without certificates should succeed
  2. Access with certificates should fail


Future work


Authorization on RBAC control

  • No labels