Return-Path: 
 <common-dev-return-73369-apmail-hadoop-common-dev-archive=hadoop.apache.org@hadoop.apache.org>
Delivered-To: apmail-hadoop-common-dev-archive@www.apache.org
Received: (qmail 3982 invoked from network); 18 Feb 2010 05:58:29 -0000
Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.3)
  by minotaur.apache.org with SMTP; 18 Feb 2010 05:58:29 -0000
Received: (qmail 8070 invoked by uid 500); 18 Feb 2010 05:58:28 -0000
Delivered-To: apmail-hadoop-common-dev-archive@hadoop.apache.org
Received: (qmail 7881 invoked by uid 500); 18 Feb 2010 05:58:26 -0000
Mailing-List: contact common-dev-help@hadoop.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:common-dev-help@hadoop.apache.org>
List-Unsubscribe: <mailto:common-dev-unsubscribe@hadoop.apache.org>
List-Post: <mailto:common-dev@hadoop.apache.org>
List-Id: <common-dev.hadoop.apache.org>
Reply-To: common-dev@hadoop.apache.org
Delivered-To: mailing list common-dev@hadoop.apache.org
Received: (qmail 7871 invoked by uid 99); 18 Feb 2010 05:58:26 -0000
Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136)
    by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 18 Feb 2010 05:58:26 +0000
X-ASF-Spam-Status: No, hits=-0.0 required=10.0
	tests=SPF_HELO_PASS,SPF_PASS
X-Spam-Check-By: apache.org
Received-SPF: pass (athena.apache.org: domain of gscse@tce.edu designates
 210.212.252.72 as permitted sender)
Received: from [210.212.252.72] (HELO tce.edu) (210.212.252.72)
    by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 18 Feb 2010 05:58:20 +0000
Received: from [127.0.0.1] (helo=mail.tce.edu)
	by tce.edu with esmtp (Exim 4.63)
	(envelope-from <gscse@tce.edu>)
	id 1NhzOZ-0000lZ-M8
	for common-dev@hadoop.apache.org; Thu, 18 Feb 2010 11:27:53 +0530
Received: from 210.212.252.71
        (SquirrelMail authenticated user gscse)
        by mail.tce.edu with HTTP;
        Thu, 18 Feb 2010 11:27:51 +0530
Message-ID: <f27d864e2244b3be6bfcf9fdb71cb6b7.squirrel@mail.tce.edu>
Date: Thu, 18 Feb 2010 11:27:51 +0530
Subject: Hadoop Security
From: gscse@tce.edu
To: common-dev@hadoop.apache.org
User-Agent: SquirrelMail/1.4.19
MIME-Version: 1.0
Content-Type: text/plain;charset=iso-8859-1
Content-Transfer-Encoding: 8bit
X-Priority: 3 (Normal)
Importance: Normal
X-XheaderVersion: 1.1
X-UserAgent: 
X-Spam-Score: 1.9 (+)
X-Old-Spam-Status: No

hi all
   i am doing my research in security issues of hadoop.i have noticed that
security can be attained under three heads like user authentication,data
transfer while running hadoop service and HDFS level.
  Analyzed that kerberos cab be used for user authentication.when the user
wants to submit a job he/she can get delegation token followed by block
access token to access data from HDFS.So the client is overloaded with
initial 2 tickets (kerberos) TGT(Ticket grating Ticket),ST (service
ticket)followed by delegation token and block access token..Is that right??
suggestions plz...
regards
sujitha



-----------------------------------------
This email was sent using TCEMail Service.
Thiagarajar College of Engineering
Madurai-625 015, India