hadoop-hdfs-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Andrew Purtell (JIRA)" <j...@apache.org>
Subject [jira] [Created] (HDFS-11357) Secure Delete
Date Sun, 22 Jan 2017 02:45:26 GMT
Andrew Purtell created HDFS-11357:

             Summary: Secure Delete
                 Key: HDFS-11357
                 URL: https://issues.apache.org/jira/browse/HDFS-11357
             Project: Hadoop HDFS
          Issue Type: New Feature
            Reporter: Andrew Purtell
            Priority: Minor

Occasionally for compliance or other legal/process reasons it is necessary to attest that
data has been deleted in such a way that it cannot be retrieved even through low level forensics
(for some reasonable definition of this that typically excludes the resources a state actor
can bring to data recovery). HDFS at-rest encryption offers one way to achieve this, if the
data keying strategy is highly granular. One simply "forgets" a key corresponding to a given
set of files and the data becomes irretrievable. However if HDFS at-rest encryption is not
enabled or a fine grained keying strategy is not possible, another simple strategy can be

The objective is to ensure once a block is deleted no trace of the data within the block exists
on disk in unallocated regions, for all blocks, providing assurance deleted data cannot be
recovered at any time through reasonable effort even with low level access. 

This message was sent by Atlassian JIRA

To unsubscribe, e-mail: hdfs-dev-unsubscribe@hadoop.apache.org
For additional commands, e-mail: hdfs-dev-help@hadoop.apache.org

View raw message