[ https://issues.apache.org/jira/browse/HDFS-6134?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14042366#comment-14042366 ]
Owen O'Malley commented on HDFS-6134:
-------------------------------------

I'm still -1 to adding this to HDFS. Having a layered file system is a much cleaner approach.

Issues:
* The user needs to be able to move, copy, and distribute the directories without the key. I should be able to set up a falcon or oozie job that copies directories where the user doing the copy has *NO* potential access to the key material. This is a critical security constraint.
* A critical use case for encryption is when hdfs admins should not have access to the contents of some files. Encryption is the only way to implement that since the hdfs admins always have file permissions to both the hdfs files and the underlying block files.
* We shouldn't change the filesystem API to deal with encryption, because we have a solution that doesn't require the change and will be far less confusing to users. In particular, we shouldn't add hacks to read/write unencrypted bytes to HDFS.
* Each file needs to record the key version and original IV as written up in the CFS design document. The IV should be incremented for each block, but must start at a random number. As Alejandro pointed out this is required for strong security.

> Transparent data at rest encryption
> -----------------------------------
>
> Key: HDFS-6134
> URL: https://issues.apache.org/jira/browse/HDFS-6134
> Project: Hadoop HDFS
> Issue Type: New Feature
> Components: security
> Affects Versions: 2.3.0
> Reporter: Alejandro Abdelnur
> Assignee: Alejandro Abdelnur
> Attachments: HDFSDataatRestEncryptionProposal_obsolete.pdf,
> HDFSEncryptionConceptualDesignProposal-2014-06-20.pdf
>
>
> Because of privacy and security regulations, for many industries, sensitive
> data at rest must be in encrypted form. For example: the healthcare industry
> (HIPAA regulations), the card payment industry (PCI DSS regulations) or the
> US government (FISMA regulations).
> This JIRA aims to provide a mechanism to encrypt HDFS data at rest that can
> be used transparently by any application accessing HDFS via Hadoop Filesystem
> Java API, Hadoop libhdfs C library, or WebHDFS REST API.
> The resulting implementation should be able to be used in compliance with
> different regulation requirements.
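
The last point in the comment above (each file records its key version and original IV, and the IV is incremented per block from a random start), sketched as an added example that is not part of the original message, the CFS design document, or the Hadoop code base. It assumes "block" means a 16-byte cipher block in a counter-style mode; the header layout and all function names are hypothetical, and truncated HMAC-SHA256 stands in for the AES block function so the code runs with the standard library only.

```python
# Added illustration; names and header layout are hypothetical, not Hadoop's.
import hashlib, hmac, os

BLOCK = 16  # cipher block size in bytes (the AES block size)

def counter_for_offset(initial_iv: bytes, offset: int) -> bytes:
    """Counter for the block holding byte `offset`: initial IV + block index, mod 2^128."""
    n = (int.from_bytes(initial_iv, "big") + offset // BLOCK) % (1 << 128)
    return n.to_bytes(BLOCK, "big")

def keystream_block(key: bytes, counter: bytes) -> bytes:
    # Stand-in for AES_key(counter): HMAC-SHA256 truncated to one block (assumption).
    return hmac.new(key, counter, hashlib.sha256).digest()[:BLOCK]

def crypt(key: bytes, initial_iv: bytes, data: bytes, offset: int = 0) -> bytes:
    """Encrypt or decrypt `data` located at byte `offset` of the file (XOR is symmetric)."""
    out = bytearray()
    for i, byte in enumerate(data):
        pos = offset + i
        ks = keystream_block(key, counter_for_offset(initial_iv, pos))
        out.append(byte ^ ks[pos % BLOCK])
    return bytes(out)

def write_file(keys: dict, version: int, plaintext: bytes, iv: bytes = None):
    """Return (header, ciphertext); the header records key version and original IV."""
    iv = os.urandom(BLOCK) if iv is None else iv  # random start unless forced for the demo
    return {"key_version": version, "iv": iv}, crypt(keys[version], iv, plaintext)

def read_range(keys: dict, header: dict, ciphertext: bytes, start: int, length: int) -> bytes:
    """Decrypt only bytes [start, start+length) using the recorded key version and IV."""
    key = keys[header["key_version"]]
    return crypt(key, header["iv"], ciphertext[start:start + length], offset=start)

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def demo() -> dict:
    keys = {1: b"k" * 32}                 # constructed key material
    p1 = b"patient=alice;dx=A10" * 3      # constructed plaintexts, 60 bytes each
    p2 = b"patient=bob;dx=Z99;;" * 3
    h1, c1 = write_file(keys, 1, p1)
    _, c2 = write_file(keys, 1, p2)
    _, z1 = write_file(keys, 1, p1, iv=bytes(BLOCK))  # both files start at IV 0
    _, z2 = write_file(keys, 1, p2, iv=bytes(BLOCK))
    return {
        "range_read_ok": read_range(keys, h1, c1, 21, 10) == p1[21:31],
        "fixed_start_leaks_xor": xor(z1, z2) == xor(p1, p2),
        "random_start_leaks_xor": xor(c1, c2) == xor(p1, p2),
    }

if __name__ == "__main__":
    print(demo())
```

With a fixed starting IV, two files under the same key share a keystream, so XORing their ciphertexts yields the XOR of their plaintexts; the random per-file start removes that relation while the recorded IV still allows reads at arbitrary offsets.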