accumulo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Sean Busbey <bus...@cloudera.com>
Subject Re: [DISCUSS] What to do about encryption at rest?
Date Sat, 31 Oct 2015 10:06:31 GMT
+1 on #2

if anyone wants to pick it back up later, we can always pull it back
out of the git history.


how would implementation work? I know it's not in the public API, but
if there are folks relying on it we'd essentially be locking them out
of upgrades. would we provide migration tools?


On Fri, Oct 30, 2015 at 3:22 PM, William Slacum <wslacum@gmail.com> wrote:
> So I've been looking into options for providing encryption at rest, and it
> seems like what Accumulo has is abandonware from a project perspective.
> There is no official documentation on how to perform encryption at rest,
> and the best information from its status comes from year (or greater) old
> ticket comments about how the feature is still experimental. Recently there
> was a talk that described using HDFS encryption zones as an alternative.
>
> From my perspective, this is what I see as the current situation:
>
> 1- Encryption at rest in Accumulo isn't actively being worked on
> 2- Encryption at rest in Accumulo isn't part of the public API or marketed
> capabilities
> 3- Documentation for what does exist is scattered throughout Jira comments
> or presentations
> 4- A viable alternative exists that appears to have feature parity in HDFS
> encryption
> 5- HBase has finer grained encryption capabilities that extend beyond what
> HDFS provides
>
> Moving forward, what's the consensus for supporting this feature?
> Personally, I see two options:
>
> 1- Start going down a path to bring the feature into the forefront and
> start providing feature parity with HBase
>
> or
>
> 2- Remove the feature and place emphasis on upstream encryption offerings
>
> Any input is welcomed & appreciated!



-- 
Sean

Mime
View raw message