accumulo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mike Drob <md...@apache.org>
Subject Re: Library for cryptographically securing data stored in Accumulo
Date Wed, 31 May 2017 21:44:45 GMT
Neat stuff, Scott.

Before we dive in too deeply, how does this differ from the native
encryption offered inside of Accumulo?

Mike

On Wed, May 31, 2017 at 4:38 PM, Ruoti, Scott - 0553 - MITLL <
Scott.Ruoti@ll.mit.edu> wrote:

> All,
>
>
>
> Over the past several years, MIT Lincoln Laboratory has been exploring how
> to protect data stored in Accumulo from malicious and honest-but-curious
> system administrators. Currently, an administrator is free to view any data
> stored in Accumulo, and can insert, modify, or delete data at will. To
> address these threat vectors, we have developed the Proactively-secure
> Accumulo with Cryptographic Enforcement (PACE) library.
>
>
>
> The PACE library supports both encrypting and signing records. Encryption
> is used to ensure that only users with the appropriate keys (i.e., not the
> system administrator) can read the unencrypted context of data stored in
> Accumulo. Signatures can be used to provide protection against an
> administrator spuriously inserting or modifying records.
>
>
>
> The PACE library works as a drop-in replacement for the existing Accumulo
> client-API, allowing existing code to be secure with only the change of a
> few lines of code. The PACE library can be found at This library can be
> found at https://github.com/mit-ll/PACE. All are welcome to use this
> library or fork the repository and modify the code for their own use.
>
>
>
> At this time, development of PACE at Lincoln Laboratory is complete. In my
> free time, I will attempt to address any reported bugs, but I am also
> interested in identify Accumulo developers that would like to help maintain
> this library. Alternatively, I am willing to turn ownership of this library
> entirely over to the Accumulo community.
>
>
>
> If you have any questions or comments about PACE, feel free to reach out
> to me.
>
>
>
> Thank you,
>
> Scott Ruoti
>
>
>
> —
> Dr. Scott Ruoti                             voice:  (781) 981-1551
> Technical Staff                             mobile: (801) 300-7013
> Secure, Resilient Systems and Technology    e-mail: scott.ruoti@ll.mit.edu
> Group 53
> MIT Lincoln Laboratory
>
>
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message