accumulo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Josef Roehrl - PHEMI <>
Subject Re: [DISCUSS] What to do about encryption at rest?
Date Sat, 31 Oct 2015 14:22:02 GMT
For this reason, we were just thinking of waiting for Encryption at Rest
with HDFS.  Presumably, Accumulo could optimize encryption if it
implemented encryption itself with a few trade-offs.

On Fri, Oct 30, 2015 at 10:22 PM, William Slacum <> wrote:

> So I've been looking into options for providing encryption at rest, and it
> seems like what Accumulo has is abandonware from a project perspective.
> There is no official documentation on how to perform encryption at rest,
> and the best information from its status comes from year (or greater) old
> ticket comments about how the feature is still experimental. Recently there
> was a talk that described using HDFS encryption zones as an alternative.
> From my perspective, this is what I see as the current situation:
> 1- Encryption at rest in Accumulo isn't actively being worked on
> 2- Encryption at rest in Accumulo isn't part of the public API or marketed
> capabilities
> 3- Documentation for what does exist is scattered throughout Jira comments
> or presentations
> 4- A viable alternative exists that appears to have feature parity in HDFS
> encryption
> 5- HBase has finer grained encryption capabilities that extend beyond what
> HDFS provides
> Moving forward, what's the consensus for supporting this feature?
> Personally, I see two options:
> 1- Start going down a path to bring the feature into the forefront and
> start providing feature parity with HBase
> or
> 2- Remove the feature and place emphasis on upstream encryption offerings
> Any input is welcomed & appreciated!


Josef Roehrl
Senior Software Developer
*PHEMI Systems*
180-887 Great Northern Way
Vancouver, BC V5T 4T5
Website <> Twitter <>

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message