Riak Security 2.0: Not Just a Firewall Anymore
If you wanted to use Riak in a secure fashion in versions prior to 2.0, your only option was to do so at the network level, using a firewall or similar protective layer. While this is sufficient for a lot of use cases, the problem with this form of security is that if someone can penetrate the firewall, they essentially have unrestricted access to a Riak cluster. They can perform reads and writes, run MapReduce jobs, you name it.
In Riak version 2.0, this is changing in dramatic fashion. While you can still apply a network security layer if you wish, Riak now comes with security features that protect Riak itself and not just to the network in which it's housed. Most importantly, in Riak 2.0 you can both authorize users to perform specific tasks (from standard read/write/delete operations to search queries to managing bucket types) and authenticate users and clients using a variety of security mechanisms.