accumulo-notifications mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Michael Allen (JIRA)" <>
Subject [jira] [Commented] (ACCUMULO-958) Support pluggable encryption in walogs
Date Thu, 11 Apr 2013 15:55:16 GMT


Michael Allen commented on ACCUMULO-958:

There's a lot to like about the approach in HADOOP-9333.  They did run into the same set of
issues I outlined in terms of the codec framework needing additional parameterization that
it did not have.  Their design doc is here, BTW, for easy retrieval and browsing:

Their implementation is fairly directly tied to AES and RC4 as crypto algorithms, which aren't
necessarily bad choices, but if someone wants to switch out one crypto provider for another,
the way they approach it would require more code changes (I believe) rather than just configuration
changes. I think both approaches (theirs and mine) require code changes to the points wanting
to employ the encryption, so I think that's pretty much a wash.

Their solution does probe deeper into how one would be encrypting M/R output than my current
patch does, but of course my current patch is more Accumulo and less Hadoop focused.

I don't know if I would toss out my patch entirely in favor of theirs, especially given that
the distribution of it probably won't catch up to all the Hadoop installations out there for
quite some time.  
> Support pluggable encryption in walogs
> --------------------------------------
>                 Key: ACCUMULO-958
>                 URL:
>             Project: Accumulo
>          Issue Type: Improvement
>          Components: logger
>            Reporter: John Vines
>            Assignee: Michael Allen
>             Fix For: 1.6.0
>         Attachments: ACCUMULO-958-actual-changes.patch, accumulo-958.diff, accumulo-958-patch.diff,
> There are some cases where users want encryption at rest for the walogs. It should be
fairly trivial to implement it in such a way to insert a CipherOutputStream into the data
path (defaulting to using a NullCipher) and then making the Cipher pluggable to users can
insert the appropriate mechanisms for their use case.
> This also means swapping in CipherInputStream and putting in a check to make sure the
Cipher type's match at read and write time. Possibly a versioning mechanism so people can
migrate Ciphers.

This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see:

View raw message