hadoop-hdfs-issues mailing list archives

From "Owen O'Malley (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HDFS-6134) Transparent data at rest encryption
Date Wed, 11 Jun 2014 17:45:05 GMT

    [ https://issues.apache.org/jira/browse/HDFS-6134?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14028086#comment-14028086 ]

Owen O'Malley commented on HDFS-6134:
-------------------------------------

I still have two very strong concerns with this work:

* A critical use case is that distcp (and other backup/disaster recovery tools) must be able
to accurately copy files without access to the encryption keys. There are many cases when
the automated backup tools are not permitted the encryption keys. Obviously, it also has the
benefit of being both safer and faster if the data is moved in the original encryption.
* The client needs to get the key material directly and not use the NameNode as a proxy. This
is critical from a security point of view.
** The security (including the audit log) on the key server is much stronger if there are
no proxies between the user and the key server.
** Security bugs in HDFS or mistakes in setting permissions are a critical use case for requiring
encryption.

Doing all of the work on the client (including getting the key) makes the entire much more
secure.

> Transparent data at rest encryption
> -----------------------------------
>
>                 Key: HDFS-6134
>                 URL: https://issues.apache.org/jira/browse/HDFS-6134
>             Project: Hadoop HDFS
>          Issue Type: New Feature
>          Components: security
>    Affects Versions: 2.3.0
>            Reporter: Alejandro Abdelnur
>            Assignee: Alejandro Abdelnur
>         Attachments: HDFSDataAtRestEncryption.pdf
>
>
> Because of privacy and security regulations, for many industries, sensitive data at rest
> must be in encrypted form. For example: the healthcare industry (HIPAA regulations), the
> card payment industry (PCI DSS regulations) or the US government (FISMA regulations).
> This JIRA aims to provide a mechanism to encrypt HDFS data at rest that can be used transparently
> by any application accessing HDFS via Hadoop Filesystem Java API, Hadoop libhdfs C library,
> or WebHDFS REST API.
> The resulting implementation should be able to be used in compliance with different regulation
> requirements.



--
This message was sent by Atlassian JIRA
(v6.2#6252)
