
[Security] OpenSearch should support authentication and authorization natively

Open peternied opened this issue 3 years ago • 0 comments

Is your feature request related to a problem? Please describe.

Plugins have some permission boundaries established by the Java security manager, but those only enforce a subset of actions that a plugin can do. Public interfaces within the OpenSearch core systems are accessible by plugins without any access control systems.

Knowing which systems have security considerations or not is non-trivial during plugin development, and represents a maintenance problem: if new granularity is added over time and plugins don't update to support it, these gaps in functionality are security bugs.

Describe the solution you'd like

Support authentication and authorization within OpenSearch access control systems. Apply that system universally to all OpenSearch components, plugins, and the new up-and-coming extensions.

Describe alternatives you've considered

The Security plugin is available, and it offers solutions for several features that align with this overall goal. Individual components might be worth adopting; as the security system was built independently of OpenSearch, the enforcement processes and ability to restrict access are optional by nature.

Additional context

I think some of the to move towards this ultimate state looks like,

  • [ ] OpenSearch should be able to track a Subject through its system
  • [ ] OpenSearch should disable or enable support for authentication and authorization via config
  • [ ] OpenSearch internal processes have different subjects for different actions
  • [ ] OpenSearch should have a user registry describable via config
  • [ ] OpenSearch users should be able to authenticate with 'Basic' HTTP Authentication
  • [ ] OpenSearch requests should know the Subject of the caller
  • [ ] OpenSearch should have a way to describe the permissions available to

Terminology

Definitions follow the NIST glossary: https://csrc.nist.gov/glossary

  • Subject - An individual, process, or device that causes information to flow among objects or change to the system state.
  • Authentication - Verifying the identity of a user, process, or device, often as a prerequisite to allowing access to resources in a system.
  • Authorization - The process of verifying that a requested action or service is approved for a specific entity.

peternied, Sep 14 '22 19:09
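Several checklist items above (a config toggle, a user registry described in config, 'Basic' HTTP authentication, and a request that knows its Subject) fit together as in the following sketch. It is an added example, not part of the original issue and not OpenSearch code; the config keys, `resolve_subject`, `Subject` and the sample user are hypothetical, and PBKDF2 is an assumed choice of password hash.

```python
import base64
import hashlib
import hmac
from dataclasses import dataclass

ITERATIONS = 100_000  # constructed value for this sketch


def hash_password(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)


# Hypothetical config: an on/off toggle plus a user registry (constructed data).
CONFIG = {
    "identity.enabled": True,
    "users": {
        "admin": {"salt": b"constructed-salt",
                  "hash": hash_password("s3cret", b"constructed-salt")},
    },
}


@dataclass(frozen=True)
class Subject:
    name: str
    authenticated: bool


ANONYMOUS = Subject("anonymous", False)


class AuthenticationError(Exception):
    pass


def resolve_subject(headers: dict, config: dict = CONFIG) -> Subject:
    """Return the Subject for a request, or raise AuthenticationError."""
    if not config["identity.enabled"]:
        return ANONYMOUS  # support switched off: every caller is anonymous
    scheme, _, token = headers.get("Authorization", "").partition(" ")
    if scheme.lower() != "basic":
        raise AuthenticationError("missing or unsupported Authorization scheme")
    try:
        decoded = base64.b64decode(token, validate=True).decode("utf-8")
    except ValueError:  # covers invalid base64 and invalid UTF-8
        raise AuthenticationError("malformed credentials") from None
    user, sep, password = decoded.partition(":")  # password may contain ':'
    entry = config["users"].get(user)
    # Hash even for unknown users so response time does not reveal valid names.
    candidate = hash_password(password, entry["salt"] if entry else b"dummy-salt")
    if not sep or entry is None or not hmac.compare_digest(candidate, entry["hash"]):
        raise AuthenticationError("invalid credentials")
    return Subject(user, True)
```

The returned `Subject` is what later authorization checks would be evaluated against; the failure branches all raise the same error type so callers cannot distinguish an unknown user from a wrong password.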