You are viewing a plain text version of this content. The canonical link for it is here.

Posted to common-dev@hadoop.apache.org by "Brian Swan (JIRA)" <ji...@apache.org> on 2013/06/05 22:09:20 UTC

[jira] [Created] (HADOOP-9621) Document/analyze current Hadoop security model

Brian Swan created HADOOP-9621:
----------------------------------

             Summary: Document/analyze current Hadoop security model
                 Key: HADOOP-9621
                 URL: https://issues.apache.org/jira/browse/HADOOP-9621
             Project: Hadoop Common
          Issue Type: Task
          Components: security
            Reporter: Brian Swan
            Priority: Minor


In light of the proposed changes to Hadoop security in Hadoop-9533 and Hadoop-9392, having a common, detailed understanding (in the form of a document) of the benefits/drawbacks of the current security model and how it works would be useful. The document should address all security principals, their authentication mechanisms, and handling of shared secrets through the lens of the following principles: Minimize attack surface area, Establish secure defaults, Principle of Least privilege, Principle of Defense in depth, Fail securely, Don’t trust services, Separation of duties, Avoid security by obscurity, Keep security simple, Fix security issues correctly.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira