You are viewing a plain text version of this content. The canonical link for it is here.
Posted to common-issues@hadoop.apache.org by "Xianqing Yu (JIRA)" <ji...@apache.org> on 2012/09/13 19:28:07 UTC
[jira] [Commented] (HADOOP-8803) Make Hadoop running more secure
public cloud envrionment
[ https://issues.apache.org/jira/browse/HADOOP-8803?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13455025#comment-13455025 ]
Xianqing Yu commented on HADOOP-8803:
-------------------------------------
I would like to discuss this topic with hadoop community to see if people want or need those features in future's Hadoop. Please post your thoughts here.
> Make Hadoop running more secure public cloud envrionment
> --------------------------------------------------------
>
> Key: HADOOP-8803
> URL: https://issues.apache.org/jira/browse/HADOOP-8803
> Project: Hadoop Common
> Issue Type: New Feature
> Components: fs, ipc, security
> Affects Versions: 0.20.204.0
> Reporter: Xianqing Yu
> Labels: hadoop
> Original Estimate: 2m
> Remaining Estimate: 2m
>
> I have two major goals in the project.
> One is bring fine-grain access control to Hadoop. Based on 0.20.204, Hadoop
> access control is based on user or block granularity, e.g. HDFS Delegation
> Token only check if the file can be accessed by certain user or not, Block
> Token only proof which block or blocks can be accessed. I would like to make
> Hadoop can do byte-granularity access control, each access party, user or
> task process can only access the bytes she or he least needed.
> Second one is that make Hadoop work more secure in Cloud environment,
> especially in public Cloud environment. So the communication between
> hadoop's node should be protected. And if some nodes of hadoop is
> compromised, the damage should be minimized (e.g. known wildly shared-key
> problem of Block Access Token problem).
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira