You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@hudi.apache.org by "liujinhui (Jira)" <ji...@apache.org> on 2021/09/01 02:27:00 UTC

[jira] [Commented] (HUDI-2370) Supports data encryption

    [ https://issues.apache.org/jira/browse/HUDI-2370?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17407765#comment-17407765 ] 

liujinhui commented on HUDI-2370:
---------------------------------

1. Need to upgrade the parquet version to 1.12.0
2. Add examples to illustrate how to use encryption
3. Add unit tests to verify correctness and usability
4. I think I may need hudi parameters to control encryption
hudi.parquet.encryption.enabled=false
5. Provide memory-based encryption services so that users can understand this function
(Apache parquet provides a simple memory-based encryption class in the unit test, which may not be recommended for security reasons), I think it seems that it can be put in hudi as an example for the convenience of users.
However, due to encryption security issues, users need to be reminded that it is not recommended to use this example in a production environment.

[~vinoth]

> Supports data encryption
> ------------------------
>
>                 Key: HUDI-2370
>                 URL: https://issues.apache.org/jira/browse/HUDI-2370
>             Project: Apache Hudi
>          Issue Type: New Feature
>            Reporter: liujinhui
>            Assignee: liujinhui
>            Priority: Major
>             Fix For: 0.10.0
>
>
> Data security is becoming more and more important, if hudi can support encryption, it is very welcome
> 1. Specify column encryption
>  2. Support footer encryption
>  3. Custom encrypted client interface(Provide memory-based encryption client by default)
> 4. Specify the encryption key
>  
> When querying, you need to pass the relevant key or obtain query permission based on the client's encrypted interface. If it fails, the result cannot be returned.
>  1. When querying non-encrypted fields, the key is not passed, and the data is returned normally
>  2. When querying encrypted fields, the key is not passed and the data is not returned
>  3. When the encrypted field is queried, the key is passed, and the data is returned normally
>  4. When querying all fields, the key is not passed and no result is returned. If passed, the data returns normally
>  
> Start with COW first



--
This message was sent by Atlassian Jira
(v8.3.4#803005)