[ 
https://issues.apache.org/jira/browse/HADOOP-9621?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Larry McCay updated HADOOP-9621:
--------------------------------

    Attachment: ThreatsforToken-basedAuthN-20130619.pdf

Start of a threat model introduced by a token based approach to authentication 
instead of kerberos. This should be discussed in terms of document format and 
collaborated on in order to tease out as many threats as possible - so that we 
have them in mind for design decisions.
                
> Document/analyze current Hadoop security model
> ----------------------------------------------
>
>                 Key: HADOOP-9621
>                 URL: https://issues.apache.org/jira/browse/HADOOP-9621
>             Project: Hadoop Common
>          Issue Type: Task
>          Components: security
>            Reporter: Brian Swan
>            Priority: Minor
>              Labels: documentation
>         Attachments: HadoopSecurityAnalysis-20130612.pdf, 
> HadoopSecurityAnalysis-20130614.pdf, ThreatsforToken-basedAuthN-20130619.pdf
>
>   Original Estimate: 336h
>  Remaining Estimate: 336h
>
> In light of the proposed changes to Hadoop security in Hadoop-9533 and 
> Hadoop-9392, having a common, detailed understanding (in the form of a 
> document) of the benefits/drawbacks of the current security model and how it 
> works would be useful. The document should address all security principals, 
> their authentication mechanisms, and handling of shared secrets through the 
> lens of the following principles: Minimize attack surface area, Establish 
> secure defaults, Principle of Least privilege, Principle of Defense in depth, 
> Fail securely, Don’t trust services, Separation of duties, Avoid security by 
> obscurity, Keep security simple, Fix security issues correctly.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Reply via email to