Reputation: 10962
Does Neo4j provide a security mechanism to control visibility of graph components? I have a very large graph visible to all clients. Ideally, authenticated clients could add nodes and edges visible only to them (managed by Shiro, Spring Security, or some such). These edges would not affect graph operations for other clients. Does Neo4j provide anything like this natively? Or is there an SPI that would allow this to be implemented?
Upvotes: 0
Views: 77
Reputation: 66999
To maintain security, your graph DB (or any DB with sensitive data) should never be directly accessible to clients. Instead, a DB should only be directly accessible by a trusted middleware app server that is responsible for ensuring that every client is authenticated AND authorized to perform any requested operation.
Upvotes: 1
Reputation: 1589
So our solution has been to do this at the application layer: we have Grails with Spring Security on top of Neo4j and then use the logic in the web application to make sure people can only see what we want them to see. Alternatively, you can add some properties to the nodes to filter on them by property, but I don't know how well that would work.
To answer your question, Neo4j does not provide any native security to the database at this time. Best of luck!
Upvotes: 2
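The application-layer filtering the answers describe, sketched as an added example that is not code from any of the posts: a middleware function takes the principal from the authenticated session and runs a traversal that sees only public edges plus the caller's own. `OwnedGraph`, `handle_path_request` and the `owner` tag are hypothetical names, and the in-memory graph is a constructed stand-in for the database.

```python
from collections import deque

PUBLIC = None  # owner tag for edges every client may see

class Unauthenticated(Exception):
    """Raised when a request reaches the middleware without a logged-in user."""

class OwnedGraph:
    """Constructed in-memory stand-in for the graph DB behind the middleware."""
    def __init__(self):
        self._edges = {}  # node -> [(neighbour, owner)]

    def add_edge(self, a, b, owner=PUBLIC):
        self._edges.setdefault(a, []).append((b, owner))
        self._edges.setdefault(b, []).append((a, owner))

    def _visible(self, node, principal):
        # The visibility rule lives in one place, so every traversal applies it.
        return [n for n, o in self._edges.get(node, []) if o is PUBLIC or o == principal]

    def shortest_path(self, start, goal, principal):
        prev, queue = {start: None}, deque([start])
        while queue:
            node = queue.popleft()
            if node == goal:
                path = []
                while node is not None:
                    path.append(node)
                    node = prev[node]
                return path[::-1]
            for nbr in self._visible(node, principal):
                if nbr not in prev:
                    prev[nbr] = node
                    queue.append(nbr)
        return None  # unreachable in this principal's view of the graph

def handle_path_request(graph, session, params):
    principal = session.get("user")  # set by the auth layer, never by the client
    if principal is None:
        raise Unauthenticated("login required")
    # An "owner" key in params is ignored: clients cannot pick whose view they get.
    return graph.shortest_path(params["start"], params["goal"], principal)

def build_sample_graph():
    g = OwnedGraph()
    for a, b in [("A", "B"), ("B", "C"), ("C", "D")]:  # constructed public edges
        g.add_edge(a, b)
    g.add_edge("A", "D", owner="alice")  # alice's private shortcut
    g.add_edge("D", "X", owner="alice")  # X is reachable only through alice's edge
    return g
```

With a real database the same rule becomes an owner predicate that the middleware adds to every query, passing the principal as a query parameter rather than concatenating it into the query text.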