Riak does not have a built-in authentication or authorization mechanism, as it was designed for use on private networks and was easy to configure. If you use the REST API, we recommend that you insert a reverse proxy between Riak and the client, which can handle authentication. Community members used nginx and Apache for this.
This may change in the future (this is something in our long-term roadmap), but probably not less than in a year.
1/29/2014: Riak 2.0, Q1/2014, .