Neat stuff, Scott. Before we dive in too deeply, how does this differ from the native encryption offered inside of Accumulo?
Mike On Wed, May 31, 2017 at 4:38 PM, Ruoti, Scott - 0553 - MITLL < scott.ru...@ll.mit.edu> wrote: > All, > > > > Over the past several years, MIT Lincoln Laboratory has been exploring how > to protect data stored in Accumulo from malicious and honest-but-curious > system administrators. Currently, an administrator is free to view any data > stored in Accumulo, and can insert, modify, or delete data at will. To > address these threat vectors, we have developed the Proactively-secure > Accumulo with Cryptographic Enforcement (PACE) library. > > > > The PACE library supports both encrypting and signing records. Encryption > is used to ensure that only users with the appropriate keys (i.e., not the > system administrator) can read the unencrypted context of data stored in > Accumulo. Signatures can be used to provide protection against an > administrator spuriously inserting or modifying records. > > > > The PACE library works as a drop-in replacement for the existing Accumulo > client-API, allowing existing code to be secure with only the change of a > few lines of code. The PACE library can be found at This library can be > found at https://github.com/mit-ll/PACE. All are welcome to use this > library or fork the repository and modify the code for their own use. > > > > At this time, development of PACE at Lincoln Laboratory is complete. In my > free time, I will attempt to address any reported bugs, but I am also > interested in identify Accumulo developers that would like to help maintain > this library. Alternatively, I am willing to turn ownership of this library > entirely over to the Accumulo community. > > > > If you have any questions or comments about PACE, feel free to reach out > to me. > > > > Thank you, > > Scott Ruoti > > > > — > Dr. Scott Ruoti voice: (781) 981-1551 > Technical Staff mobile: (801) 300-7013 > Secure, Resilient Systems and Technology e-mail: scott.ru...@ll.mit.edu > Group 53 > MIT Lincoln Laboratory > > >
