You are viewing a plain text version of this content. The canonical link for it is here.
Posted to common-issues@hadoop.apache.org by "Allen Wittenauer (JIRA)" <ji...@apache.org> on 2015/05/06 05:35:40 UTC
[jira] [Updated] (HADOOP-10528) A TokenKeyProvider for a
Centralized Key Manager Server (BEE: bee-key-manager)
[ https://issues.apache.org/jira/browse/HADOOP-10528?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Allen Wittenauer updated HADOOP-10528:
--------------------------------------
Labels: BB2015-05-TBR (was: )
> A TokenKeyProvider for a Centralized Key Manager Server (BEE: bee-key-manager)
> ------------------------------------------------------------------------------
>
> Key: HADOOP-10528
> URL: https://issues.apache.org/jira/browse/HADOOP-10528
> Project: Hadoop Common
> Issue Type: Sub-task
> Components: security
> Reporter: howie yu
> Labels: BB2015-05-TBR
> Attachments: HADOOP-10528.patch
>
>
> This is a key provider based on HADOOP-9331. HADOOP-9331 has designed a complete Hadoop crypto codec framework, but the key can only be retrieved from a local Java KeyStore file. To the convenience, we design a Centralized Key Manager Server (BEE: bee-key-manager) and user can use this TokenKeyProvider to retrieve keys from the Centralized Key Manager Server. By the way, to secure the key exchange, we leverage HTTPS + SPNego/SASL to protect the key exchange. To the detail design and usage, please refer to https://github.com/trendmicro/BEE.
> Moreover, there are still much more requests about Hadoop Data Encryption (such as provide standalone module, support KMIP...etc.), if anyone has interested in those features, pleas let us know.
>
> Ps. Because this patch based on HADOOP-9331, please use patch HADOOP-9333, and HADOOP-9332 and before use our patch HADOOP-10528.patch.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)