Tag: security

Improved SDK Authentication Methods – Couchbase 5.0

Couchbase Server 5.0 delivers some great new authentication features that require some minor changes to your client connection code.  The specific changes to the SDK are outlined in this post and also refer to changes made in the pre-release April Developer Build as...

/ May 1, 2017
Authentication and authorization

Authorization and Authentication with RBAC (Part 2)

Authorization and authentication are important to Couchbase. In March, I blogged about some of the new Role Based Access Control (RBAC) that we are showing in the Couchbase Server 5.0 Developer Builds. This month, I’d like to go into a...

Authentication and authorization

Authentication and Authorization with RBAC

In March’s developer build, you can start to see some major changes to authentication and authorization within Role Based Access Control (RBAC) coming to Couchbase Server. These changes are a work in progress: the developer build is essentially a nightly...

Couchbase Server 4.6

Announcing Couchbase Server 4.6 – What’s New and Improved

Couchbase delivers the Couchbase Data Platform that powers Web, Mobile, and IoT applications for digital businesses. With our newest release, Couchbase Server 4.6 provides the availability, scalability, performance, and security that enterprises require for their mission-critical applications. What’s New and...

Skipping default bucket creation

Some days ago I made the following search: “databases unprotected”. It is really incredible the number of databases deployed without authentication. Most of them are just test databases published on the internet, but others are exposing sensitive data. (Image Licensed through...

Configuring IPsec for a Couchbase Cluster

Introduction Some Couchbase deployments require secure communications between nodes across the network, this could be due to reasons like data governance policies or regulatory compliance.  Internet Protocol Security (IPsec) is a protocol suite for secure Internet Protocol (IP) communications by...

Securing Couchbase Server using Let’s Encrypt x.509 Certificates

Summary Securing data and access to data for application data is an important step in securing your environment for client applications and database protection in any sized environment. One of the simplest methods to secure data is the access path...

Watching SCRAM authentication in Java

SCRAM authentication is one of the new features in version 4.5. Check this blog entry for an introduction on SCRAM in Couchbase. In this article we will cover how to monitor SCRAM handshake from Java. First, you do not have...

/ May 27, 2016

Improved security in Couchbase 4.5: SCRAM-SHA

Security is important to us, here at Couchbase. I'd like to draw your attention to a new security feature in Couchbase 4.5 that might otherwise go unnoticed: SCRAM-SHA (pronounced like 'scram-shaw').     (Scram Image Licensed through Create Commons via...

Hashing Passwords Stored in Couchbase Server with Node.js

Why You Should Hash All passwords should be hashed before entering a database because you have to consider the scenario where some malicious user attempts to gain entry into your data. Passwords are sensitive pieces of information that you don't...