Return-Path: X-Original-To: apmail-hadoop-common-issues-archive@minotaur.apache.org Delivered-To: apmail-hadoop-common-issues-archive@minotaur.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 7055B1088E for ; Fri, 11 Apr 2014 18:14:40 +0000 (UTC) Received: (qmail 81943 invoked by uid 500); 11 Apr 2014 18:14:39 -0000 Delivered-To: apmail-hadoop-common-issues-archive@hadoop.apache.org Received: (qmail 81473 invoked by uid 500); 11 Apr 2014 18:14:36 -0000 Mailing-List: contact common-issues-help@hadoop.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: common-issues@hadoop.apache.org Delivered-To: mailing list common-issues@hadoop.apache.org Received: (qmail 81124 invoked by uid 99); 11 Apr 2014 18:14:27 -0000 Received: from arcas.apache.org (HELO arcas.apache.org) (140.211.11.28) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 11 Apr 2014 18:14:26 +0000 Date: Fri, 11 Apr 2014 18:14:24 +0000 (UTC) From: "Alejandro Abdelnur (JIRA)" To: common-issues@hadoop.apache.org Message-ID: In-Reply-To: References: Subject: [jira] [Updated] (HADOOP-10433) Key Management Server based on KeyProvider API MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394 [ https://issues.apache.org/jira/browse/HADOOP-10433?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Alejandro Abdelnur updated HADOOP-10433: ---------------------------------------- Attachment: HADOOP-10433.patch updated patch. > Key Management Server based on KeyProvider API > ---------------------------------------------- > > Key: HADOOP-10433 > URL: https://issues.apache.org/jira/browse/HADOOP-10433 > Project: Hadoop Common > Issue Type: Improvement > Components: security > Affects Versions: 3.0.0 > Reporter: Alejandro Abdelnur > Assignee: Alejandro Abdelnur > Attachments: COMBO.patch, HADOOP-10433-v2.patch, HADOOP-10433-v3.patch, HADOOP-10433.patch, HADOOP-10433.patch, HADOOP-10433.patch, KMS-ALL-PATCHES-v2.patch, KMS-ALL-PATCHES-v3.patch, KMS-ALL-PATCHES.patch, KMS-doc.pdf > > > (from HDFS-6134 proposal) > Hadoop KMS is the gateway, for Hadoop and Hadoop clients, to the underlying KMS. It provides an interface that works with existing Hadoop security components (authenticatication, confidentiality). > Hadoop KMS will be implemented leveraging the work being done in HADOOP-10141 and HADOOP-10177. > Hadoop KMS will provide an additional implementation of the Hadoop KeyProvider class. This implementation will be a client-server implementation. > The client-server protocol will be secure: > * Kerberos HTTP SPNEGO (authentication) > * HTTPS for transport (confidentiality and integrity) > * Hadoop ACLs (authorization) > The Hadoop KMS implementation will not provide additional ACL to access encrypted files. For sophisticated access control requirements, HDFS ACLs (HDFS-4685) should be used. > Basic key administration will be supported by the Hadoop KMS via the, already available, Hadoop KeyShell command line tool > There are minor changes that must be done in Hadoop KeyProvider functionality: > The KeyProvider contract, and the existing implementations, must be thread-safe > KeyProvider API should have an API to generate the key material internally > JavaKeyStoreProvider should use, if present, a password provided via configuration > KeyProvider Option and Metadata should include a label (for easier cross-referencing) > To avoid overloading the underlying KeyProvider implementation, the Hadoop KMS will cache keys using a TTL policy. > Scalability and High Availability of the Hadoop KMS can achieved by running multiple instances behind a VIP/Load-Balancer. For High Availability, the underlying KeyProvider implementation used by the Hadoop KMS must be High Available. -- This message was sent by Atlassian JIRA (v6.2#6252)