1. The Jira covers only authentication using Kerberos. I dont think Kerberos is the best way to do it since I feel the scalability is limited. All keys have to be negotiated by the Kerberos server. The design in the paper has a little different protocol for authentication.
2. The Jira doesnt have cover the access control aspect of things. As a client, I can skip talking to the NN and get blocks from the DN straight away. There is no way to prevent it. This paper takes care of that aspect as well. Amandeep Khurana Computer Science Graduate Student University of California, Santa Cruz On Fri, Mar 20, 2009 at 12:54 PM, Doug Cutting <cutt...@apache.org> wrote: > Amandeep Khurana wrote: > >> http://www.soe.ucsc.edu/~akhurana/Hadoop_Security.pdf<http://www.soe.ucsc.edu/%7Eakhurana/Hadoop_Security.pdf> >> > > How does this relate to the current proposal in Jira? > > https://issues.apache.org/jira/browse/HADOOP-4343 > > Doug >
