hadoop-hdfs-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Aaron T. Myers (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HDFS-6134) Transparent data at rest encryption
Date Thu, 19 Jun 2014 23:56:27 GMT

    [ https://issues.apache.org/jira/browse/HDFS-6134?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14038125#comment-14038125
] 

Aaron T. Myers commented on HDFS-6134:
--------------------------------------

bq. This is not what one wants - distcp will not necessarily have permission in decrypt.

I disagree - this is exactly what one wants. This is no different than today's distcp which
may be run by a user that doesn't have permissions on all the files under the source directory.

bq. delegation tokens - KMS will accept delegation tokens - again I don't think this is what
one wants - can the keys be obtained at job submission time?

Owen and Tucu have already discussed this quite a bit above.

bq. I assume the NN will hand this out based on the file ACL. Does the above reduce the security?

I don't see how this reduces security. The intention of adding transparent encryption support
is just that - to provide encryption, not to provide another, additional authorization mechanism.

bq. There are a complex set of issues to be addressed. I know that a bunch of you have had
some private meetings discussing the various options and tradeoffs. Can we please have a short
more public meeting next week? I can organize and host this at Hortonworks along with Google
plus for those that are remote. How about next thursday at 1:30pm?

I think those working on this project have been very open about all of these designs and discussions
from the beginning dating back to March, and I think Tucu and others have been doing a great
job of answering questions, accepting feedback, and modifying the design accordingly. Not
sure where the assertion about private meetings is coming from - everything that's been discussed
off-JIRA has been reiterated back on JIRA. What questions do you have remaining that would
require a meeting?

> Transparent data at rest encryption
> -----------------------------------
>
>                 Key: HDFS-6134
>                 URL: https://issues.apache.org/jira/browse/HDFS-6134
>             Project: Hadoop HDFS
>          Issue Type: New Feature
>          Components: security
>    Affects Versions: 2.3.0
>            Reporter: Alejandro Abdelnur
>            Assignee: Alejandro Abdelnur
>         Attachments: HDFSDataAtRestEncryption.pdf
>
>
> Because of privacy and security regulations, for many industries, sensitive data at rest
must be in encrypted form. For example: the health­care industry (HIPAA regulations), the
card payment industry (PCI DSS regulations) or the US government (FISMA regulations).
> This JIRA aims to provide a mechanism to encrypt HDFS data at rest that can be used transparently
by any application accessing HDFS via Hadoop Filesystem Java API, Hadoop libhdfs C library,
or WebHDFS REST API.
> The resulting implementation should be able to be used in compliance with different regulation
requirements.



--
This message was sent by Atlassian JIRA
(v6.2#6252)

Mime
View raw message