You are viewing a plain text version of this content. The canonical link for it is here.
Posted to common-issues@hadoop.apache.org by "Steve Loughran (JIRA)" <ji...@apache.org> on 2016/01/29 11:27:40 UTC
[jira] [Commented] (HADOOP-9621) Document/analyze current Hadoop
security model
[ https://issues.apache.org/jira/browse/HADOOP-9621?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15123319#comment-15123319 ]
Steve Loughran commented on HADOOP-9621:
----------------------------------------
This document is the most complete document we have on what the Hadoop security model is. How do we get it into the hadoop site docs?
> Document/analyze current Hadoop security model
> ----------------------------------------------
>
> Key: HADOOP-9621
> URL: https://issues.apache.org/jira/browse/HADOOP-9621
> Project: Hadoop Common
> Issue Type: Task
> Components: security
> Reporter: Brian Swan
> Priority: Minor
> Labels: documentation
> Attachments: HadoopSecurityAnalysis-20130612.pdf, HadoopSecurityAnalysis-20130614.pdf, HadoopSecurityAnalysis-20130624.pdf, ThreatsforToken-basedAuthN-20130619.pdf
>
> Original Estimate: 336h
> Remaining Estimate: 336h
>
> In light of the proposed changes to Hadoop security in Hadoop-9533 and Hadoop-9392, having a common, detailed understanding (in the form of a document) of the benefits/drawbacks of the current security model and how it works would be useful. The document should address all security principals, their authentication mechanisms, and handling of shared secrets through the lens of the following principles: Minimize attack surface area, Establish secure defaults, Principle of Least privilege, Principle of Defense in depth, Fail securely, Don’t trust services, Separation of duties, Avoid security by obscurity, Keep security simple, Fix security issues correctly.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)