hadoop-common-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Amandeep Khurana <ama...@gmail.com>
Subject Re: Design for security in Hadoop
Date Fri, 20 Mar 2009 21:47:55 GMT
1. The Jira covers only authentication using Kerberos. I dont think Kerberos
is the best way to do it since I feel the scalability is limited. All keys
have to be negotiated by the Kerberos server. The design in the paper has a
little different protocol for authentication.

2. The Jira doesnt have cover the access control aspect of things. As a
client, I can skip talking to the NN and get blocks from the DN straight
away. There is no way to prevent it. This paper takes care of that aspect as
well.


Amandeep Khurana
Computer Science Graduate Student
University of California, Santa Cruz


On Fri, Mar 20, 2009 at 12:54 PM, Doug Cutting <cutting@apache.org> wrote:

> Amandeep Khurana wrote:
>
>> http://www.soe.ucsc.edu/~akhurana/Hadoop_Security.pdf<http://www.soe.ucsc.edu/%7Eakhurana/Hadoop_Security.pdf>
>>
>
> How does this relate to the current proposal in Jira?
>
> https://issues.apache.org/jira/browse/HADOOP-4343
>
> Doug
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message