[
https://issues.apache.org/jira/browse/HDDS-2140?focusedWorklogId=323182&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-323182
]
ASF GitHub Bot logged work on HDDS-2140:
----------------------------------------
Author: ASF GitHub Bot
Created on: 04/Oct/19 04:27
Start Date: 04/Oct/19 04:27
Worklog Time Spent: 10m
Work Description: dineshchitlangia commented on issue #1542: HDDS-2140.
Add robot test for GDPR feature
URL: https://github.com/apache/hadoop/pull/1542#issuecomment-538226560
> Unrelated to this patch (as this patch tests the CLI arguments) but I am
wondering how the core GDPR feature can be tested. I mean how can we be sure
that the data is _really_ unreadable (grep to the chunk files for a specific
strings??). To be honest, I have no idea, but putting this interesting question
to here ;-)
Recap: GDPR talk in Vegas ;)
- When putting a key in a GDPR enforced bucket, Ozone will create a
symmetric key and Client will use that to encrypt and write to key.
- This encryption key is stored in KeyInfo Metadata
- When reading the key, the encryption key is fetched from KeyInfo Metadata
and used to decrypt the key.
After our Vegas conference, we modified the delete path (HDDS-2174):
- When user asks Ozone to delete a Key, we first delete the encryption key
details from KeyInfo Metadata, then we move the KeyInfo to DeletedTable in OM.
- Since the encryption key is lost, there is no way you can read that
data(except if you restore a back/snapshot of your entire system from before
deletion, which will also be address in version 2)
- HDDS-2174 included a test to confirm the key metadata in DeletedTable does
not have the GDPR Encryption Key details. Thereby, even if you get your hands
on chunks, you will still read encrypted junk :)
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
Issue Time Tracking
-------------------
Worklog Id: (was: 323182)
Time Spent: 1h 10m (was: 1h)
> Add robot test for GDPR feature
> -------------------------------
>
> Key: HDDS-2140
> URL: https://issues.apache.org/jira/browse/HDDS-2140
> Project: Hadoop Distributed Data Store
> Issue Type: Sub-task
> Components: test
> Reporter: Dinesh Chitlangia
> Assignee: Dinesh Chitlangia
> Priority: Major
> Labels: pull-request-available
> Time Spent: 1h 10m
> Remaining Estimate: 0h
>
> Add robot test for GDPR feature so it can be run during smoke tests.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
