Security/Juno/Marconi

This page documents security related details for the Marconi project in the OpenStack Juno release.

Implemented Crypto
None. We would like to implement message signing for the K cycle, though. (TBD)

Libraries
Marconi's only crypto is in the keystone middleware and in libraries that are used by backend drivers.

Keystone

Marconi uses the standard Keystone WSGI middleware for authentication.

Backends

Marconi currently relies on pymongo and SQLAlchemy to implement storage drivers. pymongo uses Python's standard "ssl" package (source).

During Juno we are also experimenting with Redis, AMQP, and Kafka drivers.


 * The AMQP driver will use the Python bindings for qpid-proton, which uses OpenSSL.
 * Redis does not natively support TLS. It may be added by a proxy, but we are not planning on adding support for that to the Marconi driver at this time.
 * Kafka does not appear to support TLS either.

Keys/Certificates
API: None

Backend: See below

Passwords
API: The only thing passed to Marconi is a Keystone auth token.

Backend: The MongoDB driver does not support Mongo's authentication features. We are considering adding this support in Juno (bug), but the work will likely slip to the K cycle. There are no plans to support authentication for any other backends at this time.

Potential Improvements
A list of potential improvements we could make, in no particular order:


 * Submit a patch to pymongo to take advantage of improvements to the Py3K ssl module
 * Move to mmh3 from crc32, or migrate away from partitioning queues across multiple DBs
 * Support MongoDB's auth features
 * Support TLS proxy for backends that don't have native support
 * Implement message signing, possibly also encryption
 * If we decide to support AMQP backends, add support for user/password auth