hadoop-common-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "howie yu (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (HADOOP-10528) A TokenKeyProvider for a Centralized Key Manager Server (BEE: bee-key-manager)
Date Tue, 22 Apr 2014 05:48:15 GMT

     [ https://issues.apache.org/jira/browse/HADOOP-10528?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel

howie yu updated HADOOP-10528:

    Status: Open  (was: Patch Available)

> A TokenKeyProvider for a Centralized Key Manager Server (BEE: bee-key-manager)
> ------------------------------------------------------------------------------
>                 Key: HADOOP-10528
>                 URL: https://issues.apache.org/jira/browse/HADOOP-10528
>             Project: Hadoop Common
>          Issue Type: Sub-task
>          Components: security
>            Reporter: howie yu
>         Attachments: HADOOP-10528.patch
> This is a key provider based on HADOOP-9331. HADOOP-9331 has designed a complete Hadoop
crypto codec framework, but the key can only be retrieved from a local Java KeyStore file.
To the convenience, we design a Centralized Key Manager Server (BEE: bee-key-manager) and
user can use this TokenKeyProvider to retrieve keys from the Centralized Key Manager Server.
By the way, to secure the key exchange, we leverage HTTPS + SPNego/SASL to protect the key
exchange. To the detail design and usage, please refer to https://github.com/trendmicro/BEE.

> Moreover, there are still much more requests about Hadoop Data Encryption (such as provide
standalone module, support KMIP...etc.), if anyone has interested in those features, pleas
let us know. 
> Ps. Because this patch based on HADOOP-9331, please use patch HADOOP-9333, and HADOOP-9332
and before use our patch HADOOP-10528.patch.

This message was sent by Atlassian JIRA

View raw message