hbase-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Liu, Ming (Ming)" <ming....@esgyn.cn>
Subject hbase 'transparent encryption' feature is production ready or not?
Date Fri, 03 Jun 2016 00:52:04 GMT
Hi, all,

We are trying to deploy the 'transparent encryption' feature of HBase , described in HBase
reference guide: https://hbase.apache.org/book.html#hbase.encryption.server  , in our product.
We heard from various sources that it is not production ready before.

During our tests, we do find out it works not very stable, but probably due to our lack of
experience of this feature. It works sometime, sometimes not work, and retry the same configuration,
it work again. We were using HBase 1.0.

Could anyone give us some information that this feature is already stable and can be used
in a production environment?

And, we now save the encryption key in the disk, so we were wondering, this is something not
secure. Since the key is at same place with data, anyone can decode the data because if he/she
can access the data, he/she can access the key as well. Is there any best practice about how
to manage the key?


  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message