[ 
https://issues.apache.org/jira/browse/HDFS-3637?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Aaron T. Myers updated HDFS-3637:
---------------------------------

    Attachment: HDFS-3637.patch

Here's a patch which implements this feature.

This implementation works by adding SASL support to the DataTransferProtocol. 
When this feature is enabled, all uses of the DataTransferProtocol are wrapped 
by encrypted Input/Output streams, which are created based on an MD5-DIGEST 
SASL handshake. The shared key for this handshake is created by reusing 
Hadoop's existing security infrastructure for BlockTokens, which relies on a 
secret key shared between the NN and DNs. The BlockTokenSecretManager is 
extended to be able to issue/validate EncryptionKeys, which consist of a 
randomly-generated nonce signed with one of the block token secret keys. 
DataNodes are capable of creating/validating EncryptionKeys on their own, since 
they have access to the block token secret keys. Clients get an encryption key 
by requesting one from the NN, and using that subsequently when communicating 
with DNs. It's assumed that one must enable RPC confidentiality in order for 
the fetch of the encryption key to be protected. Regarding configuration, the 
NN and all DNs must enable this feature in their configurations. Clients need 
not update their configurations at all, but rather determine whether or not 
encryption is enabled when first communicating with the NN.
                
> Add support for encrypting the DataTransferProtocol
> ---------------------------------------------------
>
>                 Key: HDFS-3637
>                 URL: https://issues.apache.org/jira/browse/HDFS-3637
>             Project: Hadoop HDFS
>          Issue Type: New Feature
>          Components: data-node, hdfs client, security
>    Affects Versions: 2.0.0-alpha
>            Reporter: Aaron T. Myers
>            Assignee: Aaron T. Myers
>         Attachments: HDFS-3637.patch
>
>
> Currently all HDFS RPCs performed by NNs/DNs/clients can be optionally 
> encrypted. However, actual data read or written between DNs and clients (or 
> DNs to DNs) is sent in the clear. When processing sensitive data on a shared 
> cluster, confidentiality of the data read/written from/to HDFS may be desired.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: 
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
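
The EncryptionKey scheme described in the comment above (a random nonce signed with one of the shared block token secret keys, so that any DataNode holding that secret can validate it without contacting the NN), shown in Java as an added example; it is not code from HDFS-3637.patch or from Hadoop. The class and field names, the key id, and the use of HMAC-SHA256 as the signature are assumptions, since the message names none of them.

```java
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.Map;

public class EncryptionKeyDemo {
    // Hypothetical layout: id of the shared secret used, the random nonce, and its MAC.
    record EncryptionKey(int keyId, byte[] nonce, byte[] mac) {}

    // "Signing" with a shared secret is modelled as an HMAC (assumption, not from the page).
    static byte[] sign(byte[] secret, byte[] nonce) throws Exception {
        Mac mac = Mac.getInstance("HmacSHA256");
        mac.init(new SecretKeySpec(secret, "HmacSHA256"));
        return mac.doFinal(nonce);
    }

    // Issuer side: the NN for clients, or a DN creating a key on its own.
    static EncryptionKey issue(int keyId, byte[] secret) throws Exception {
        byte[] nonce = new byte[16];
        new SecureRandom().nextBytes(nonce);
        return new EncryptionKey(keyId, nonce, sign(secret, nonce));
    }

    // Validator side: look up the secret by id, recompute the MAC, and compare
    // in constant time. An unknown key id is rejected rather than defaulted.
    static boolean validate(EncryptionKey k, Map<Integer, byte[]> secrets) throws Exception {
        byte[] secret = secrets.get(k.keyId());
        if (secret == null) return false;
        return MessageDigest.isEqual(sign(secret, k.nonce()), k.mac());
    }

    public static void main(String[] args) throws Exception {
        byte[] shared = new byte[32];               // constructed sample secret
        new SecureRandom().nextBytes(shared);
        Map<Integer, byte[]> dnSecrets = Map.of(1, shared);

        EncryptionKey good = issue(1, shared);
        System.out.println("valid key accepted:      " + validate(good, dnSecrets));

        byte[] tampered = good.nonce().clone();
        tampered[0] ^= 1;                           // flip one bit of the nonce
        EncryptionKey forged = new EncryptionKey(1, tampered, good.mac());
        System.out.println("tampered nonce accepted: " + validate(forged, dnSecrets));

        EncryptionKey stale = new EncryptionKey(9, good.nonce(), good.mac());
        System.out.println("unknown key id accepted: " + validate(stale, dnSecrets));
    }
}
```

The MAC only proves the key was issued by a holder of the shared secret; as the comment notes, the key itself still has to travel from the NN to the client over an RPC channel with confidentiality enabled.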

