This article is fourth in a 4-part series on managing metadata assets in IRI Workbench using Git. It focuses on the security of your metadata. Other articles in the series cover the use of Git as a metadata asset hub, for version control, and for tracking metadata lineage.

Implementing metadata security protocols is essential for protecting both confidential job and data assets in enterprise development and production environments. Without them, there is no control over where these assets may end up, protection from deletion, or for how they could potentially be used (or misused).

The Git metadata management system (hub), which IRI users can access in IRI Workbench, offers a number of ways to secure metadata (and data) assets under its control, and in transit. The primary options are local, SSH (Secure Shell), and HTTP.

These protocols can be specified as remote repositories are introduced. Repositories hold current and prior versions of your projects on the Internet or any other network. They provide flexibility in collaboration and user access rights, asset version control, and lineage utilization. They also provide the ability to secure the assets, and commit changes in the remote repository.

The SSH security protocol is arguably the most common means of securing data transport, especially in a corporate network; anonymous access is not possible through it. Users must be authenticated through SSH in order to interact with the repository, even in a read-only manner. It’s also an easy way to transfer data with encryption and authentication.

To utilize this protocol through the Git integration plug-in for Eclipse and a Git hosting site, first generate a private key (RSA). This key is unique and locked, with a passphrase, and helps to identify you in an SSH server. In IRI Workbench, navigate to Windows > Preferences > General > Network Connections > SSH2 >> Key Management. Click on “Generate RSA Key” and provide the passphrase. Make sure to copy this key, as it must be used later. Then save this private key in the .ssh folder.

 

Next, create a remote repository. Sites such as GitHub, Bitbucket, and Unfuddle host Git repositories that can be utilized to simplify the process of managing remote repositories. For this demonstration, I will use BitBucket, since it provides free private repositories for up to five collaborators.

With the creation of a Bitbucket account, navigate to “Manage account,” under the person icon in the top right corner and in the column to the left under “Security,” and click “SSH keys.” Then add your key. 

To create a repository, select the “Create” button at the top of the page.

Now we must configure the settings for pushing and fetching commits to this remote repository. Navigate to the Git Repositories, view and right-click on “Remote,” and select “Paste Repository Path.”

In the new window that appears, provide your Git SSH URL, in the form of “ssh://git@bitbucket.org/accountname/reponame.git” and continue.

Click “Next” for this window and then press “Finish”. 

Now your remote repository is freely accessible in IRI Workbench to push files to and fetch metadata from, as well as other asset changes.

This is just one example of how to create a secure remote repository where your metadata is safe to use and share. As you can see, the use of remote repositories is a convenient way to collaborate with other users and, with security protocols implemented, to help keep your metadata and other IRI job assets protected.

For more information on our metadata management series, you can review part one – Using Git as an Asset Hub, part two – Version Control, and part three – Lineage Tracking. Find out how Git provides a framework for metadata management in IRI Workbench.