hadoop-hdfs-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Alejandro Abdelnur (JIRA)" <j...@apache.org>
Subject [jira] [Resolved] (HDFS-6134) Transparent data at rest encryption
Date Wed, 16 Apr 2014 05:34:19 GMT

     [ https://issues.apache.org/jira/browse/HDFS-6134?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel

Alejandro Abdelnur resolved HDFS-6134.

    Resolution: Duplicate

[Cross-posting  with HADOOP-10150, closing this JIRA as duplicate, discussion to continue
in HADOOP-10150]

Larry, Steve, Nicholas, thanks for your comments.

Todd Lipcon and I had an offline discussion with Andrew Purtell, Yi Liu and Avik Dey to see
if we could combine what HADOOP-10150 and HDFS-6134 into one proposal while supporting both,
encryption for multiple filesystems and transparent encryption for HDFS.

Also, following Steve’s suggestion, I’ve put together a Attack Vectors Matrix for all

I think both documents, the proposal and the attack vectors, address most if not all the questions/concerns
raised in the JIRA.

Please look for the documents in HADOOP-10150.

> Transparent data at rest encryption
> -----------------------------------
>                 Key: HDFS-6134
>                 URL: https://issues.apache.org/jira/browse/HDFS-6134
>             Project: Hadoop HDFS
>          Issue Type: New Feature
>          Components: security
>    Affects Versions: 2.3.0
>            Reporter: Alejandro Abdelnur
>            Assignee: Alejandro Abdelnur
>         Attachments: HDFSDataAtRestEncryption.pdf
> Because of privacy and security regulations, for many industries, sensitive data at rest
must be in encrypted form. For example: the health­care industry (HIPAA regulations), the
card payment industry (PCI DSS regulations) or the US government (FISMA regulations).
> This JIRA aims to provide a mechanism to encrypt HDFS data at rest that can be used transparently
by any application accessing HDFS via Hadoop Filesystem Java API, Hadoop libhdfs C library,
> The resulting implementation should be able to be used in compliance with different regulation

This message was sent by Atlassian JIRA

View raw message