No immediate need, just wondered if that makes sense at all or is already thought of. I guess the idea is that data cannot be read from the storage directly. But then it is still unprotected on its way from the client to the RS's - and adding SSL to RPC seems "crazy". I guess best is to let the client encrypt the values before even hitting the API?
On Fri, Dec 18, 2009 at 2:10 AM, Andrew Purtell <apurt...@apache.org> wrote: > There hasn't been an issue filed for it. I just checked. > > What's the problem being solved? > > Architecturally I'd consider encryption at the HBase/storage infrastructure > perimeter, layered on top of a RESTful service. SSL. > > - Andy > > > > ----- Original Message ---- > > From: Lars George <lars.geo...@gmail.com> > > To: hbase-dev@hadoop.apache.org > > Sent: Thu, December 17, 2009 4:35:51 PM > > Subject: Encryption > > > > Hey, > > > > I was wondering if along with the DAC or before you ever considered > > encrypting data? Like the compression, have a ColFam parameter that > > specifies the encryption and the required details (password or > > certificate/key) and it transparently encrypts the data written to DFS. > We > > did talk about this during the Munich OpenHUG and I was curious to know > if > > there was ever something like this considered. > > > > Lars > > > > > >
