accumulo-notifications mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Keith Turner (JIRA)" <>
Subject [jira] [Commented] (ACCUMULO-980) support pluggable codecs for RFile
Date Fri, 01 Feb 2013 20:22:13 GMT


Keith Turner commented on ACCUMULO-980:

Are you considering rekeying? I.e. encrypt new files key with new key and read old files key
with an older key. 

Do you have any thoughts on key management?  I was thinking that each tablet could have a
key.  The tablets key is encrypted with the table key.  The tablet key is used to encrypt/decrypt
file keys.   A tablet never has to know the table key, it could ask a centralized service
to decrypt its tablet key using the table key.  Using this method, the table key would only
need to be held in memory on one machine.
> support pluggable codecs for RFile
> ----------------------------------
>                 Key: ACCUMULO-980
>                 URL:
>             Project: Accumulo
>          Issue Type: Improvement
>            Reporter: Adam Fuchs
>            Assignee: Adam Fuchs
>             Fix For: 1.6.0
>         Attachments: RFile-Changes-Proposal-V1.pdf
> As part of the encryption at rest story, RFile should support pluggable modules where
it currently has hardcoded options for compression codecs. This is a natural place to add
encryption capabilities, as the cost of encryption would likely not be significantly different
from the cost of compression, and the block-level integration should maintain the same seek
and scan performance. Given the many implementation options for both encryption and compression,
it makes sense to have a plugin structure here.

This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see:

View raw message