[
https://issues.apache.org/jira/browse/HBASE-9578?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Andrew Kyle Purtell resolved HBASE-9578.
----------------------------------------
Resolution: Won't Fix
> Client side cell encryption
> ---------------------------
>
> Key: HBASE-9578
> URL: https://issues.apache.org/jira/browse/HBASE-9578
> Project: HBase
> Issue Type: New Feature
> Reporter: Andrew Kyle Purtell
> Priority: Major
>
> HBASE-7544 will protect key and value data on the server from accidental
> leakage by way of improperly disposed disks, improper direct filesystem
> access, or incorrect HDFS permissions. There are also use cases where
> sensitive data stored in a table or column family by a given user or
> application should be protected from all others, and the combination of
> transparent server-side storage encryption and transport security (SASL
> auth-conf) is still not sufficient. These instances call for a client side
> per-cell encryption feature, given the following additional observations:
> - The scope of transmission, distribution, and storage of private key
> material should be as limited as possible. The server is a centralized target
> (even in the case of an HBase cluster) where the scope of damage from a
> compromise is magnified if user key material also resides there or can be
> intercepted after compromise. Where keys are stored in hardware devices, e.g.
> smartcards, getting the keys to the server may be not possible anyway.
> - A client system is far more likely than a contended shared server resource
> to have necessary available CPU cycles for per-operation cryptographic
> overheads.
> For some cases we might not care so much about the second item, but the first
> is very important.
> I have an implementation of per cell client side encryption as an encrypting
> HTable wrapper which I could contribute if there is interest.
> This JIRA is also about brainstorming how to do better than that.
--
This message was sent by Atlassian Jira
(v8.20.7#820007)
