hadoop-common-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Kevin Minder (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HADOOP-9621) Document/analyze current Hadoop security model
Date Wed, 12 Jun 2013 12:28:20 GMT

    [ https://issues.apache.org/jira/browse/HADOOP-9621?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13681165#comment-13681165
] 

Kevin Minder commented on HADOOP-9621:
--------------------------------------

We are certainly using that doc as input but we are trying to provide more detail around Hadoop
2.x security.  I just attached the current working version of what Kyle and I have come up
with so far.  We are using a gdoc for this.
https://docs.google.com/a/hortonworks.com/document/d/1POyKfDxZaMNVJi-4c2mpJUfuSBch1arW-pc5xvUKNno/edit#
We would love some community review and contribution as we are basically documenting what
we are seing as we dig through the code.
                
> Document/analyze current Hadoop security model
> ----------------------------------------------
>
>                 Key: HADOOP-9621
>                 URL: https://issues.apache.org/jira/browse/HADOOP-9621
>             Project: Hadoop Common
>          Issue Type: Task
>          Components: security
>            Reporter: Brian Swan
>            Priority: Minor
>              Labels: documentation
>         Attachments: HadoopSecurityAnalysis-20130612.pdf
>
>   Original Estimate: 336h
>  Remaining Estimate: 336h
>
> In light of the proposed changes to Hadoop security in Hadoop-9533 and Hadoop-9392, having
a common, detailed understanding (in the form of a document) of the benefits/drawbacks of
the current security model and how it works would be useful. The document should address all
security principals, their authentication mechanisms, and handling of shared secrets through
the lens of the following principles: Minimize attack surface area, Establish secure defaults,
Principle of Least privilege, Principle of Defense in depth, Fail securely, Don’t trust
services, Separation of duties, Avoid security by obscurity, Keep security simple, Fix security
issues correctly.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Mime
View raw message